Skip to content

brainfood / inkluster-dev

Go to a project
Toggle navigation
Toggle navigation pinning
Switch branch/tag
entrypoint.sh 2.35 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 
#!/bin/bash

set -e

tool_uid=
tool_gid=

adjust_tool_uid_gid() {
	declare usermod_args=() groupmod_args=()
	declare -a new_groups=()

	if [[ $MAP_UID ]]; then
		[[ $tool_uid -ne $MAP_UID ]] && usermod_args+=(-u $MAP_UID)
		tool_uid="$MAP_UID"
	fi
	if [[ $MAP_GROUPS ]]; then
		set -- $MAP_GROUPS
		if [[ $tool_gid -ne $1 ]]; then
			groupmod_args=(-g "$1")
			tool_gid="$1"
		fi
		shift
		for group in "$@"; do
			groupadd -g $group -o tool_$group
			new_groups+=(tool_$group)
		done
		IFS=,
		if [[ ${#new_groups[*]} -gt 0 ]]; then
			usermod_args+=(-aG "${new_groups[*]}")
		fi
	fi
	if [[ ${#groupmod_args[*]} -gt 0 ]]; then
		groupmod "${groupmod_args[@]}" tool
	fi
	if [[ ${#usermod_args[*]} -gt 0 ]]; then
		usermod "${usermod_args[@]}" tool
	fi
}

configure_ssh() {
	if [[ ! -d /home/tool/.ssh ]]; then
		mkdir /home/tool/.ssh
		chmod 700 /home/tool/.ssh
	fi
	if [[ ! -d $run_state/ssh_known_hosts ]]; then
		touch "$run_state/ssh_known_hosts"
	fi
	known_hosts_file="/home/tool/.ssh/known_hosts"
	ssh_config_file="/home/tool/.ssh/config"
	ln -sf "$run_state/ssh_known_hosts" "$known_hosts_file"
	if [[ $SSH_KNOWN_HOSTS ]]; then
		# If known_hosts was kept between runs, this loop would be faster.
		for host in $SSH_KNOWN_HOSTS; do
			ssh-keygen -q -F $host -f "$known_hosts_file" 1>/dev/null || ssh-keyscan $host >> ""$known_hosts_file"" 2>/dev/null
		done
	fi
	{
		echo "Host *"
		echo " PubkeyAcceptedAlgorithms +ssh-rsa"
		echo " StrictHostKeyChecking accept-new"
	} > "/home/tool/.ssh/config"
	chown tool:tool -R "/home/tool/.ssh"
}

configure_bash() {
	if [[ ! -e $run_state/bash_history ]]; then
		touch "$run_state/bash_history"
	fi
	ln -sf "$run_state/bash_history" "/home/tool/.bash_history"
	chown -h tool:tool "/home/tool/.bash_history"
}

configure_cache() {
	if [[ ! -d $run_state/cache ]]; then
		mkdir "$run_state/cache"
	fi
	ln -sf "$run_state/cache" /home/tool/.cache
	chown -h tool:tool "/home/tool/.cache"
}

tool_uid="$(id -u tool)"
tool_gid="$(id -g tool)"

adjust_tool_uid_gid

# TODO: Save /run/user between calls
mkdir -p /run/user/$tool_uid

run_state="/run/user/$tool_uid/inkluster-dev"

if [[ ! -d $run_state ]]; then
	mkdir -p "$run_state"
fi
configure_ssh
configure_bash
configure_cache

chown -R tool:tool /run/user/$tool_uid

[[ $# -eq 0 ]] && set -- "bash"
cmd="$(which "$1")"
shift

start-stop-daemon --chuid tool:tool --start -d $PWD -u tool --exec "$cmd" "$@"