New recipe: Redmine with MariaDB.

.recipes/redmine_mariadb/configs/configuration.yml

@@ -0,0 +1,29 @@
+# = Redmine configuration file
+# The entrypoint script sets chown 999:999 and chmod 644 to this file.
+#
+# Each environment has its own configuration options.  If you are only
+# running in production, only the production block needs to be configured.
+# Environment specific configuration options override the default ones.
+#
+# Note that this file needs to be a valid YAML file.
+# DO NOT USE TABS! Use 2 spaces instead of tabs for indentation.
+
+# default configuration options for all environments
+default:
+  # Outgoing emails configuration
+  # Feel free to setup your local SMTP settings here.
+  email_delivery:
+    delivery_method: :smtp
+    smtp_settings:
+      address: 'host.docker.internal'
+      port: 25
+      enable_starttls_auto: false
+
+# specific configuration options for production environment
+# that overrides the default ones
+production:
+
+# specific configuration options for development environment
+# that overrides the default ones
+development:
+

.recipes/redmine_mariadb/configs/database.yml

@@ -0,0 +1,21 @@
+# = Redmine database configuration file
+# The entrypoint script sets chown 999:999 and chmod 644 to this file.
+#
+# Note that this file needs to be a valid YAML file.
+# DO NOT USE TABS! Use 2 spaces instead of tabs for indentation.
+
+production:
+  adapter: mysql2
+  database: redmine
+  host: database
+  username: redmine
+  # It should be the same as in the docker-compose.yml file.
+  password: "secret-1"
+  # Use "utf8" instead of "utfmb4" for MySQL prior to 5.7.7
+  encoding: utf8mb4
+  variables:
+    # Recommended `transaction_isolation` for MySQL to avoid concurrency issues is
+    # `READ-COMMITTED`.
+    # In case of MySQL lower than 8, the variable name is `tx_isolation`.
+    # See https://www.redmine.org/projects/redmine/wiki/MySQL_configuration
+    transaction_isolation: "READ-COMMITTED"

.recipes/redmine_mariadb/configs/mysql_conf_d

@@ -0,0 +1 @@
+../storage/volumes/mysql_conf_d

.recipes/redmine_mariadb/docker-compose.yml

@@ -0,0 +1,84 @@
+# Redmine (optionally with LDAP authentication) with MariaDB.
+#
+services:
+  # https://hub.docker.com/_/redmine
+  # https://github.com/docker-library/redmine
+  # https://github.com/redmine/redmine
+  redmine:
+    image: redmine:6
+    # Database must be accessible.
+    depends_on:
+      database:
+        condition: service_started
+    # Below you may find a possible solution if you also need to install some of the plugins'
+    # opsys dependencies. We don't want to extend the official image to maintain watchtower's 
+    # monitoring for updates. So we use CMD to make all the necessary changes.
+    # This will slightly prolong the start of the service.
+#    command:
+#      - /bin/bash
+#      - -c
+#      - |
+#        DEBIAN_FRONTEND=noninteractive apt update
+#        apt install -y --no-install-recommends build-essential zlib1g-dev
+#        apt clean
+#        rm -rf /var/lib/apt/lists/*
+#        source /docker-entrypoint.sh rails server -b 0.0.0.0
+
+    restart: unless-stopped
+    # Take a look the possible public port collision.
+    ports:
+      - 8201:3000
+    links:
+      - database
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      # The entrypoint script sets chown 999:999 and chmod 755/644 to these below.
+      # https://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-8-File-system-permissions
+      - ./storage/volumes/redmine_files:/usr/src/redmine/files
+      - ./configs/configuration.yml:/usr/src/redmine/config/configuration.yml
+      - ./configs/database.yml:/usr/src/redmine/config/database.yml
+      # Needs read UID 999.
+      - ./storage/volumes/redmine_plugins:/usr/src/redmine/plugins
+    environment:
+      REDMINE_DB_MYSQL: database
+      REDMINE_DB_DATABASE: redmine
+      REDMINE_DB_USERNAME: redmine
+      # Same as MYSQL_PASSWORD below.
+      REDMINE_DB_PASSWORD: secret-1
+      # Only if you want to disable internal DB version updates.
+      #REDMINE_NO_DB_MIGRATE: 'yes'
+      # Automatically follows DB version updates related to the plugins.
+      REDMINE_PLUGINS_MIGRATE: 'yes'
+      # https://www.avast.com/random-password-generator
+      REDMINE_SECRET_KEY_BASE: secret-3
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    labels:
+      com.centurylinklabs.watchtower.enable: true
+  #
+  # https://hub.docker.com/_/mariadb
+  database:
+    image: mariadb:lts
+    restart: unless-stopped
+    # Only for migration or debugging.
+    #ports:
+    # - 3306:3306
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      # Needs R/W UID:GID 999:999.
+      - ./storage/volumes/mysql:/var/lib/mysql
+      # Needs read UID 999.
+      - ./storage/volumes/mysql_conf_d:/etc/mysql/conf.d:ro
+      - ./storage/volumes/mysql_init_d:/docker-entrypoint-initdb.d:ro
+    environment:
+      MARIADB_AUTO_UPGRADE: "1"
+      MARIADB_INITDB_SKIP_TZINFO: "1"
+      MYSQL_DATABASE: redmine
+      MYSQL_USER: redmine
+      # https://www.avast.com/random-password-generator
+      MYSQL_PASSWORD: secret-1
+      MYSQL_ROOT_PASSWORD: secret-2
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    labels:
+      com.centurylinklabs.watchtower.enable: true

.recipes/redmine_mariadb/storage/backups/attachments/.gitignore

@@ -0,0 +1,3 @@
+# Ignore everything in this directory except these files.
+*
+!.gitignore

.recipes/redmine_mariadb/storage/backups/dumps/.gitignore

@@ -0,0 +1,4 @@
+# Ignore everything in this directory except these files.
+*
+!.gitignore
+!.rotate_folder.conf

.recipes/redmine_mariadb/storage/backups/dumps/.rotate_folder.conf

@@ -0,0 +1,9 @@
+# This is a shell script excerpt for configuration purposes only.
+# Handle with care! Please don't put code here, only variables.
+
+CLASSES_PATTERN="^([^.]*)\..*\.$HOSTNAME\.(dmp|sql\.gz|tgz|log)$"
+DOIT="yes"                      # if empty the script makes a dry run
+# RETAIN_DAYS=7                 # retains all files created within that many days
+# RETAIN_WEEKS=4                # retains one file per week/month,
+# RETAIN_MONTHS=12              # created within that many weeks/months
+

.recipes/redmine_mariadb/storage/backups/plugins/latest_v6/.gitignore

@@ -0,0 +1,3 @@
+# Ignore everything in this directory except these files.
+*
+!.gitignore

.recipes/redmine_mariadb/storage/volumes/mysql/.gitignore

@@ -0,0 +1,3 @@
+# Ignore everything in this directory except this file.
+*
+!.gitignore

.recipes/redmine_mariadb/storage/volumes/mysql_conf_d/mariadb.cnf.optional

@@ -0,0 +1,30 @@
+# MariaDB 11.x settings according to the Redmine stack (optional).
+# See also:
+# https://gist.github.com/fevangelou/fb72f36bbe333e059b66
+# https://github.com/major/MySQLTuner-perl
+
+[mysqld]
+
+# https://gist.github.com/fevangelou/fb72f36bbe333e059b66
+# consider https://github.com/major/MySQLTuner-perl
+innodb_buffer_pool_size         = 2G	# 70-80% of memory available for MySQL/MariaDB
+innodb_buffer_pool_instances    = 2	# Use 1 instance per 1GB of InnoDB pool size
+innodb_file_per_table           = 1
+innodb_flush_log_at_trx_commit  = 0
+innodb_flush_method             = O_DIRECT
+innodb_log_buffer_size		= 64M
+innodb_log_file_size		= 256M	# should be 25% of innodb_buffer_pool_size / 2
+innodb_stats_on_metadata	= 0
+# https://mariadb.com/kb/en/configuring-mariadb-for-optimal-performance/
+# we practically don't use the MyISAM engine
+key_buffer_size	= 10M
+# https://mariadb.com/kb/en/mariadb-memory-allocation/#query-cache
+query_cache_type	= 0
+query_cache_size	= 0
+#query_cache_type	= ON
+#query_cache_size	= 10M
+#query_cache_limit	= 1M
+
+# Buffer Settings
+#sort_buffer_size	= 1M
+#join_buffer_size	= 1M

.recipes/redmine_mariadb/storage/volumes/mysql_init_d/.gitignore

@@ -0,0 +1,3 @@
+# Ignore everything in this directory except this file.
+*
+!.gitignore

.recipes/redmine_mariadb/storage/volumes/redmine_files/.gitignore

@@ -0,0 +1,3 @@
+# Ignore everything in this directory except this file.
+*
+!.gitignore

.recipes/redmine_mariadb/storage/volumes/redmine_plugins/setpermissions.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+chown -R 999:999 *
+find . -type d -exec chmod 2770 {} \;
+find . -type f -exec chmod 660 {} \;
+

.recipes/redmine_mariadb/tools/backup.d/dumpdb_mysql.sh

@@ -0,0 +1,177 @@
+#!/bin/bash
+#
+# A service script to backup the docker-composed MySQL/MariaDB database.
+# Dumps database to the $BASE_DIR/storage/backups/dumps folder (by default).
+# An optional parameter may change the target folder.
+#
+# This script gets the database credentials from the docker-compose.yml file
+# and calls the mysql_dumpdb worker script which should be installed in
+# the same folder or somewhere in the path.
+#
+# Call as a Docker manager user (member of the docker Linux group) via cron.
+#
+# Author: Kovács Zoltán <kovacsz@marcusconsulting.hu>
+#         Kovács Zoltán <kovacs.zoltan@smartfront.hu>
+# License: GNU/GPL 3+ https://www.gnu.org/licenses/gpl-3.0.en.html
+# 2025-02-26 v0.3
+# mod: doesn't tied to a particular composition (Mediawiki, Wordpress, etc).
+# 2024-12-01 v0.2.1
+# fix: typo in docker-compose version detection.
+# 2024-08-25 v0.2
+# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS.
+# 2021-10-19 v0.1 Initial version.
+
+# Accepted environment variables and their defaults.
+#
+PAR_BASEDIR=${PAR_BASEDIR:-""}                  # Service's base folder
+PAR_DUMPDIR=${PAR_DUMPDIR:-""}                  # Folder to dump within
+PAR_SERVICE=${PAR_SERVICE:-"database"}          # Service's name in composition
+
+# Messages (maybe overridden by configuration).
+#
+MSG_DOCKERGRPNEED="You must be a member of the docker group."
+MSG_DOESNOTRUN="This service doesn't run."
+MSG_MISSINGDEP="Fatal: missing dependency"
+MSG_MISSINGCONF="Fatal: missing config file"
+MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file"
+MSG_NONWRITE="The target directory isn't writable"
+MSG_NOLOCATE="Cannot locate the database container."
+MSG_NOPARAM="Missing environment parameter"
+
+# Other initialisations.
+#
+CONFFILE="docker-compose.yml"			# Configuration file
+DUMPDIR="storage/backups/dumps"			# Folder to dump within
+USER=${USER:-LOGNAME}                           # Fix for cron enviroment only
+YMLFILE="docker-compose.yml"
+
+# Checks the dependencies.
+#
+TR=$(which tr 2>/dev/null)
+if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi
+for item in basename cat cut date dirname docker \
+            find grep hostname id pwd tail xargs
+do
+    if [ -n "$(which $item)" ]
+    then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item)
+    else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi
+done
+# All dependencies are available via "$THECOMMAND" (upper case) call.
+#
+# Let's find which version of docker-compose is installed.
+if [ $($DOCKER compose version >/dev/null 2>&1; echo $?) -eq 0 ]; then
+    # We'll use v2 if it is available.
+    DOCKER_COMPOSE="$DOCKER"
+    commandstring="compose"
+else
+    # Otherwise falling back to v1.
+    DOCKER_COMPOSE="$(which docker-compose)"
+    commandstring=""
+fi
+# One of the two is mandatory.
+if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi
+# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence.
+
+# Where I'm?
+# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782
+SOURCE="$0"
+while [ -h "$SOURCE" ]; do
+    # resolve $SOURCE until the file is no longer a symlink
+    SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+    SOURCE="$("$READLINK" "$SOURCE")"
+    # if $SOURCE was a relative symlink, we need to resolve it
+    # relative to the path where the symlink file was located
+    [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE"
+done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+
+# Need to be root or a Docker manager user.
+#
+[[ "$USER" != 'root' ]] \
+&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \
+&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #"
+
+# Searches the base folder, containing a docker-compose.yml file.
+#
+# Called from the base folder (./)?
+BASE_DIR="$PAR_BASEDIR"
+TEST_DIR="$SCRPATH"
+[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
+# Called from ./tools?
+TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
+# Called from ./tools/*.d?
+TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
+# On failure gives it up here.
+if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then
+    echo "$MSG_MISSINGYML" >&2; exit 1
+fi
+# Sets the absolute paths.
+CONFFILE="$BASE_DIR/$CONFFILE"
+DUMPDIR="${PAR_DUMPDIR:-$BASE_DIR/$DUMPDIR}"
+
+# The dump target folder must be writable.
+#
+[[ ! -w "$DUMPDIR" ]] \
+&& echo "$MSG_NONWRITE: $DUMPDIR" >&2 && exit 1
+
+# The composition must be running - silently gives up here if not.
+#
+[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \
+&& exit 1
+
+# Searches and parses the config file.
+#
+if [ ! -r "$CONFFILE" ]; then
+    echo "$MSG_MISSINGCONF $CONFFILE" >&2; exit 1
+fi
+#
+function parse { [[ -z "$1" ]] && return
+    # Gets the live lines containing the parameter.
+    value=$("$CAT" "$CONFFILE" | "$GREP" -ve '^#' | \
+            "$GREP" -e "$1" | "$TR" -d '\r')
+    # If multiple the last one to consider.
+    value=$(echo -e  "$value" | "$TAIL" -n1)
+    # Right side of the colon W/O leading and trailing spaces and quotes.
+    value=$(echo -ne "$value" | "$CUT" -d':' -f2 | "$XARGS")
+    # Removes the trailing semicolon (if any).
+    value=${value%;*}
+    echo -e "$value"; return
+}
+# All parameters are mandatories.
+MYCONTAINER="$PAR_SERVICE" # TODO: guess from the yml
+if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOPARAM PAR_SERVICE" >&2; exit 1; fi1; fi
+MYDATABASE="$(parse "MYSQL_DATABASE")"
+if [ -z "$MYDATABASE" ]; then echo "$MSG_NOPARAM MYSQL_DATABASE" >&2; exit 1; fi
+MYUSER="$(parse "MYSQL_USER")"
+if [ -z "$MYUSER" ]; then echo "$MSG_NOPARAM MYSQL_USER" >&2; exit 1; fi
+MYPASSWORD="$(parse "MYSQL_PASSWORD")"
+if [ -z "$MYPASSWORD" ]; then echo "$MSG_NOPARAM MYSQL_PASSWORD" >&2; exit 1; fi
+# We've the configuration parsed.
+
+# Converts the database service name to an actual running container's name.
+#
+MYCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps -q "$MYCONTAINER") | "$CUT" -c2-)"
+# Gives up here if failed.
+if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi
+
+# Locates the worker script (in PATH or in this script's folder).
+#
+MYSQL_DUMPDB=$(which mysql_dumpdb)
+if [ -z "$MYSQL_DUMPDB" -a -x "$("$DIRNAME" "$0")/mysql_dumpdb" ]; then
+    MYSQL_DUMPDB="$SCRPATH/mysql_dumpdb"
+fi
+if [ -z "$MYSQL_DUMPDB" ]; then echo "$MSG_MISSINGDEP mysql_dumpdb."; exit 1 ; fi
+
+# Tries the DB backup.
+#
+if [ -n "$MYSQL_DUMPDB" -a -w "$DUMPDIR" ]; then
+    BACKUP_NAME=$MYDATABASE.$("$DATE" '+%Y%m%d_%H%M%S').$("$HOSTNAME")
+    ( cd "$DUMPDIR"
+      export MYCONTAINER MYUSER MYPASSWORD
+      "$MYSQL_DUMPDB" --compress "$MYDATABASE" "$DUMPDIR/$BACKUP_NAME.sql" \
+                      2>>"$DUMPDIR/$BACKUP_NAME.log"
+    )
+fi
+
+# That's all, Folks! :)

.recipes/redmine_mariadb/tools/backup.d/storage_backup.sh

@@ -0,0 +1,132 @@
+#!/bin/bash
+#
+# A service script to backup the relevant storage (config, files, plugins)
+# of a docker-composed Redmine instance. Creates a tarball in
+# $BASE_DIR/storage/backups/tarballs folder (by default). An optional
+# parameter may change the target folder.
+#
+# Call as a Docker manager user (member of the docker Linux group) via cron.
+#
+# Author: Kovács Zoltán <kovacs.zoltan@smartfront.hu>
+# License: GNU/GPL 3+ https://www.gnu.org/licenses/gpl-3.0.en.html
+# 2024-09-10 v0.2
+# new: Excludes the documents if the storage_gitbackup is active.
+# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS.
+# 2021-09-01 v0.1 Initial version.
+
+# Accepted environment variables and their defaults.
+#
+PAR_BASEDIR=${PAR_BASEDIR:-""}                  # Service's base folder
+PAR_BACKUPDIR=${PAR_BACKUPDIR:-""}              # Folder to dump within
+
+# Messages (maybe overridden by configuration).
+#
+MSG_DOCKERGRPNEED="You must be a member of the docker group."
+MSG_DOESNOTRUN="This service doesn't run."
+MSG_MISSINGDEP="Fatal: missing dependency"
+MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file"
+MSG_NONWRITE="The target directory isn't writable"
+MSG_NOLOCATE="Cannot locate the Redmine container."
+
+# Other initialisations.
+#
+BACKUPDIR="storage/backups/tarballs"		# Folder to dump within
+GITBACKUP="storage_gitbackup.sh"		# Git backup utility
+SERVICENAME="redmine"				# The composed Redmine service
+USER=${USER:-LOGNAME}                           # Fix for cron enviroment only
+YMLFILE="docker-compose.yml"
+
+# Checks the dependencies.
+#
+TR=$(which tr 2>/dev/null)
+if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi
+for item in basename cat cut date dirname docker \
+            find grep hostname id pwd tail xargs
+do
+    if [ -n "$(which $item)" ]
+    then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item)
+    else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi
+done
+# All dependencies are available via "$THECOMMAND" (upper case) call.
+#
+# Let's find which version of docker-compose is installed.
+if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then
+    # We'll use v2 if it is available.
+    DOCKER_COMPOSE="$DOCKER"
+    commandstring="compose"
+else
+    # Otherwise falling back to v1.
+    DOCKER_COMPOSE="$(which docker-compose)"
+    commandstring=""
+fi
+# One of the two is mandatory.
+if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi
+# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence.
+
+# Where I'm?
+# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782
+SOURCE="$0"
+while [ -h "$SOURCE" ]; do
+    # resolve $SOURCE until the file is no longer a symlink
+    SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+    SOURCE="$("$READLINK" "$SOURCE")"
+    # if $SOURCE was a relative symlink, we need to resolve it
+    # relative to the path where the symlink file was located
+    [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE"
+done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+
+# Need to be root or a Docker manager user.
+#
+[[ "$USER" != 'root' ]] \
+&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \
+&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #"
+
+# Searches the base folder, containing a docker-compose.yml file.
+#
+# Called from the base folder (./)?
+BASE_DIR="$PAR_BASEDIR"
+TEST_DIR="$SCRPATH"
+[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
+# Called from ./tools?
+TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
+# Called from ./tools/*.d?
+TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
+# On failure gives it up here.
+if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then
+    echo "$MSG_MISSINGYML" >&2; exit 1
+fi
+# Sets the absolute paths.
+BACKUPDIR="${PAR_BACKUPDIR:-$BASE_DIR/$BACKUPDIR}"
+
+# The dump target folder must be writable.
+#
+[[ ! -w "$BACKUPDIR" ]] \
+&& echo "$MSG_NONWRITE: $BACKUPDIR" >&2 && exit 1
+
+# The service must be running - silently gives up here if not.
+#
+[[ -z "$(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \
+&& exit 1
+
+# Converts the Redmine service name to an actual running container's name.
+#
+RMCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$BASE_DIR"; "$DOCKER_COMPOSE" $commandstring ps -q "$SERVICENAME") | "$CUT" -c2-)"
+# Gives up here if failed.
+if [ -z "$RMCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi
+
+# Excludes the documents if the GITBACKUP is active.
+DOCUMENTS="files"
+[[ -n $(which "$GITBACKUP") ]] && DOCUMENTS=""  # it is an executable somewhere in the path
+[[ -x "$SCRPATH/$GITBACKUP" ]] && DOCUMENTS=""  # it is an executable in the current directory
+
+# Tries the FS backup.
+if [ -w "$BACKUPDIR" ]; then
+    BACKUP_NAME=$RMCONTAINER.$("$DATE" '+%Y%m%d_%H%M%S').$("$HOSTNAME")
+    "$DOCKER" exec $RMCONTAINER sh \
+    -c "cd /usr/src/redmine; tar cz config $DOCUMENTS plugins" \
+    >  "$BACKUPDIR/$BACKUP_NAME.tgz" 2>>"$BACKUPDIR/$BACKUP_NAME.log"
+fi
+
+# That's all, Folks! :)

.recipes/redmine_mariadb/tools/backup.d/storage_gitbackup.sh

@@ -0,0 +1,164 @@
+#!/bin/bash
+#
+# Humble tool to commit the content of a docker-composed Redmine service's
+# attachments into a git repository to make a daily backup of documents.
+# Also makes the repository with a metastore file if doesn't exist yet.
+#
+# This script called usually by the cron (but indirectly).
+# Depends loosely on metastore package, which isn't absolutely necessary,
+# but strongly recommended to backup file time attributes and permissions,
+# which the git tool doesn't do.
+#
+# Author: Kovács Zoltán <kovacsz@marcusconsulting.hu>
+# License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html)
+# 2025-01-18 v0.3
+# fix: a typo (BASE_DIR instead of SERVICE_BASE).
+# 2024-09-10 v0.2
+# new: docker-compose v2 compatibility - tested with Ubuntu 24.04 LTS.
+# mod: Doesn't do backup if the service is down.
+# 2021-11-21 v0.1 Initial release
+
+# Accepted environment variables and their defaults.
+#
+BOTEMAIL=${BOTEMAIL:-"backupbot@example.com"}	# Git repo owner's email (fake)
+BOTNAME=${BOTNAME:-"Backup Bot"}		# Git repo owner's name (fake)
+SERVICE_BASE=${PAR_BASEDIR:-""}			# Corresponding service's base
+GITDIR=${PAR_GITDIR:-""}			# Folder containing .git
+SOURCEDIR=${PAR_BACKUPDIR:-""}			# Folder to backup into git
+
+# Basic environment settings.
+#
+LANG=C
+LC_ALL=C
+# We need also the sbin directories.
+if ! [[ "$PATH" =~ '/sbin:' ]]; then
+PATH="$PATH:/usr/local/sbin:/usr/sbin:/sbin"; fi
+
+# Messages.
+#
+MSG_GITCOMMIT="Automated backup"
+MSG_MISSINGBASE="Fatal: missing SERVICE_BASE"
+MSG_MISSINGDEP="Fatal: missing dependency"
+MSG_MISSINGGIT="Fatal: unable to find the backup (git) folder"
+MSG_MISSINGSOURCE="Fatal: unable to find the source folder"
+MSG_WRONGGIT="Fatal: unusable backup (git) folder"
+
+# Other initialisations.
+#
+GITPATH="storage/backups/attachments"
+YMLFILE="docker-compose.yml"
+
+# Checks the dependencies.
+#
+TR=$(which tr 2>/dev/null)
+if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi
+for item in cut date dirname docker git readlink
+do
+    if [ -n "$(which $item)" ]
+    then export $(echo $item | "$TR" '[:lower:]' '[:upper:]')=$(which $item)
+    else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi
+done
+# All dependencies are available via "$THECOMMAND" (upper case) call.
+
+# Where I'm?
+# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782
+#
+SOURCE="$0"
+while [ -h "$SOURCE" ]; do
+    # resolve $SOURCE until the file is no longer a symlink
+    SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+    SOURCE="$("$READLINK" "$SOURCE")"
+    # if $SOURCE was a relative symlink, we need to resolve it
+    # relative to the path where the symlink file was located
+    [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE"
+done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+ 
+# Let's find which version of docker-compose is installed.
+if [ $($DOCKER compose version 2>&1 >/dev/null; echo $?) -eq 0 ]; then
+    # We'll use v2 if it is available.
+    DOCKER_COMPOSE="$DOCKER"
+    commandstring="compose"
+else
+    # Otherwise falling back to v1.
+    DOCKER_COMPOSE="$(which docker-compose)"
+    commandstring=""
+fi
+# One of the two is mandatory.
+if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi
+# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence.
+
+# Searches the base folder, containing a docker-compose.yml file.
+#
+# Called from the base folder (./)?
+TEST_DIR="$SCRPATH"
+[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR"
+# Called from ./tools?
+TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR"
+# Called from ./tools/*.d?
+TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+[[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR"
+# On failure gives it up here.
+if [ -z "$SERVICE_BASE" -o ! -r "$SERVICE_BASE/$YMLFILE" ]; then
+    echo "$MSG_MISSINGYML" >&2; exit 1
+fi
+# Sets the absolute paths.
+BACKUPDIR="${PAR_BACKUPDIR:-$SERVICE_BASE/$BACKUPDIR}"
+
+# Locates the source folder.
+#
+# Maybe given as a  command line parameter.
+[[ -n "$1" ]] && SOURCEDIR="$1" && shift
+[[ -z "$SOURCEDIR" ]] && SOURCEDIR="$SERVICE_BASE/storage/volumes/redmine_files"
+# Gives up here if doesn't found.
+if [ -z "$SOURCEDIR" -o ! -d "$("$READLINK" -e "$SOURCEDIR")" ]; then
+    echo "$MSG_MISSINGSOURCE $SOURCEDIR"; exit 1
+fi
+
+# Locates the backup (git) folder.
+#
+# Maybe given as a  command line parameter.
+[[ -n "$1" ]] && GITDIR="$1" && shift
+[[ -z "$GITDIR" ]] && GITDIR="$SERVICE_BASE/$GITPATH"
+# Gives up here if doesn't found.
+if [ -z "$GITDIR" -o ! -d "$("$READLINK" -e "$GITDIR")" ]; then
+    echo "$MSG_MISSINGGIT $GITDIR"; exit 1
+fi
+# Does it writable?
+( cd "$GITDIR" 2>/dev/null
+  if [ ! "$PWD" = "$GITDIR" -o ! -w "$PWD" ]; then
+      echo "$MSG_WRONGGIT $GITDIR"; exit 1
+  fi
+) || exit 1
+# We've the folders localized.
+
+# The service must be running - silently gives up here if not.
+#
+[[ -z "$(cd "$SERVICE_BASE"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \
+&& exit 1
+
+# Attempts the backup commit.
+#
+# Initializes the git backup if it doesn't exist yet.
+if [ ! -d "$GITDIR/.git" ]; then
+    # Initializes the repo itself.
+    "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" init --quiet
+    "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" config user.name "$BOTNAME"
+    "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" config user.email "$BOTEMAIL"
+fi
+# Stages all the files and non-empty folders.
+"$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" add . >/dev/null
+# Stores the file system metadata as well, if the tool has been installed.
+if [ ! -z "$(which metastore)" -a -x "$(which metastore)" ]; then
+    # This commamd silently creates the metastore file if it doesnt' exist yet.
+    ( cd "$SOURCEDIR"
+      "$(which metastore)" -smqq --file ".metadata"
+    )
+    # Stages it as well.
+    "$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" add ".metadata" >/dev/null
+fi
+# Makes the commit.
+"$GIT" --git-dir="$GITDIR/.git" --work-tree="$SOURCEDIR" commit --quiet -m "'$MSG_GITCOMMIT $("$DATE" '+%Y%m%d-%H%M%S')'"
+# Git done.
+
+# That's all, Folks! :)

.recipes/redmine_mariadb/tools/download_plugins_v6.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+#
+# Downloads a copy of the latest versions of the installed plugins
+# into a temporary destination folder. Doesn't hurt the running
+# instance.
+#
+# To perform the actual upgrade you have to stop the instance and manually
+# upgrade the contents of the storage/volumes/redmine_plugins folder.
+
+# Where I'm?
+SCRPATH="$( cd -P "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" #"
+# Temporary destination folder for download.
+PLUGINS=$(readlink -f "$SCRPATH/../storage/backups/plugins/latest_v6")
+if [ ! -d "$PLUGINS" -o ! -w "$PLUGINS" ]; then
+    echo -e "Bad destination: $PLUGINS" >&2; exit 1
+fi
+
+# Plugins from GitHub.
+# Feel free to adjust it to your needs.
+#rm -rf "$PLUGINS/additionals" 2>/dev/null
+#git clone -b stable https://github.com/alphanodes/additionals.git "$PLUGINS/additionals"
+
+# Some cleanup
+rm -rf "$PLUGINS"/*/.git "$PLUGINS"/*/.github

.recipes/redmine_mariadb/tools/restoredb_mysql.sh

@@ -0,0 +1,195 @@
+#!/bin/bash
+#
+# Restores a composed MySQL/MariaDB database from a dump file.
+# Gets all necessary data from the docker-compose.yml file.
+#
+# This is a wrapper script to the system-wide mysql_restoredb tool.
+# Database recovey with the necessary user management and grants
+# requires superuser privileges in MySQL, but simple data recovery
+# is possible if the user and privileges are already set.
+#
+# You have to call this script as a Docker manager user (member of the
+# 'docker' Linux group). The worker tool must be available somewhere
+# in PATH. At least 5.7.6 MySQL or at least 10.1.3 MariaDB is required.
+#
+# Usage:
+# $0 path_to_the_dumpfile [ path_to_the_service's_base ]
+#
+# Author: Kovács Zoltán <kovacsz@marcusconsulting.hu>
+# License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html)
+#
+# 2025-02-26 v0.1 Forked from the Smartfront repository and rewritten.
+
+# Accepted environment variables and their defaults.
+#
+PAR_SERVICE=${SERVICE:-"database"}		# Database container's name
+
+# Other initialisations.
+#
+BACKUPFOLDER="storage/backups/dumps"		# Skeleton's default dump folder
+PROP_DBAPASS="MYSQL_ROOT_PASSWORD"		# DB admin password property
+PROP_DBNAME="MYSQL_DATABASE"			# DB name property
+PROP_DBPASS="MYSQL_PASSWORD"			# DB password property
+PROP_DBUSER="MYSQL_USER"			# DB username property
+USER=${USER:-LOGNAME}                           # Fix for cron enviroment only
+YMLFILE="docker-compose.yml"
+
+# Basic environment settings.
+#
+LANG=C
+LC_ALL=C
+
+# Messages.
+#
+MSG_BADDUMP="Fatal: doesn't exist or doesn't a dumpfile:"
+MSG_DOCKERGRPNEED="You must be a member of the docker group."
+MSG_DOESNOTRUN="This service doesn't run."
+MSG_MISSINGDEP="Fatal: missing dependency"
+MSG_MISSINGCONF="Fatal: missing config file"
+MSG_MISSINGYML="Fatal: didn't find the $YMLFILE file"
+MSG_NOLOCATE="Cannot locate the database container."
+MSG_NOPARAM="Missing environment parameter"
+
+MSG_USAGE="Usage: $0 dump_pathname [ composition_base_pathname ]\n"
+MSG_USAGE+="ENVVAR:\n"
+MSG_USAGE+="SERVICE       \tDatabase service's name in composition\n"
+
+# Checks the dependencies.
+#
+TR=$(which tr 2>/dev/null)
+if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi
+for item in basename cat cut date dirname docker \
+            grep id mysql_restoredb readlink tail xargs
+do
+    if [ -n "$(which $item)" ]
+    then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item)
+    else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi
+done
+# All dependencies are available via "$THECOMMAND" (upper case) call.
+#
+# Let's find which version of docker-compose is installed.
+if [ $($DOCKER compose version >/dev/null 2>&1; echo $?) -eq 0 ]; then
+    # We'll use v2 if it is available.
+    DOCKER_COMPOSE="$DOCKER"
+    commandstring="compose"
+else
+    # Otherwise falling back to v1.
+    DOCKER_COMPOSE="$(which docker-compose)"
+    commandstring=""
+fi
+# One of the two is mandatory.
+if [ -z "$DOCKER_COMPOSE" ];then echo "$MSG_MISSINGDEP docker-compose" >&2; exit 1; fi
+# Below docker-compose should be called as "$DOCKER_COMPOSE" $commandstring sequence.
+
+# Where I'm?
+# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782
+SOURCE="$0"
+while [ -h "$SOURCE" ]; do
+    # resolve $SOURCE until the file is no longer a symlink
+    SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+    SOURCE="$("$READLINK" "$SOURCE")"
+    # if $SOURCE was a relative symlink, we need to resolve it
+    # relative to the path where the symlink file was located
+    [[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE"
+done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && echo "$PWD" )" #"
+
+# Need to be root or a Docker manager user.
+#
+[[ "$USER" != 'root' ]] \
+&& [[ -z "$(echo "$("$ID" -Gn "$USER") " | "$GREP" ' docker ')" ]] \
+&& echo "$MSG_DOCKERGRPNEED" >&2 && exit 1 #"
+
+# Gets the command line parameters.
+#
+# DUMPFILE is mandatory
+if [ -n "$1" ]; then DUMPFILE="$1"; shift
+else echo -e "$MSG_USAGE" >&2; exit 1; fi
+# SERVICE_BASE is optional
+if [ -n "$1" ]; then SERVICE_BASE="$1"; shift; fi
+# We've read the unchecked command line parameters.
+
+# Searches the base folder, containing the YMLFILE.
+#
+if [ -z "$SERVICE_BASE" ]; then
+    # Called from the base folder (./)?
+    TEST_DIR="$SCRPATH"
+    [[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR"
+    # Called from ./tools?
+    TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+    [[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR"
+    # Called from ./tools/*.d?
+    TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
+    [[ -z "$SERVICE_BASE" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && SERVICE_BASE="$TEST_DIR"
+fi
+# On failure gives it up here.
+if [ -z "$SERVICE_BASE" -o ! -r "$SERVICE_BASE/$YMLFILE" ]; then
+    echo "$MSG_MISSINGYML" >&2; exit 1
+fi
+# Sets the absolute path.
+YMLFILE="$SERVICE_BASE/$YMLFILE"
+# We've the YMLFILE.
+
+# Finds the DUMPFILE to use.
+#
+# The DUMPFILE must point to a readable file.
+# If doesn't it tries the skeleton's standard backup folder as well.
+if [ ! -r "$DUMPFILE" ]
+then DUMPFILE="$("$DIRNAME" "$SERVICE_BASE")/$BACKUPFOLDER/$DUMPFILE"; fi
+# If it is an existing symlink dereferences it to ensure, it points to a file.
+if [ -h "$DUMPFILE" ]; then
+    if [[ "$("$READLINK" "$DUMPFILE")" != /* ]]
+    # relative path in symlink
+    then DUMPFILE="$("$DIRNAME" "$DUMPFILE")/$("$READLINK" "$DUMPFILE")"
+    # absolute path in symlink
+    else DUMPFILE="$("$READLINK" "$DUMPFILE")"; fi
+fi
+# Let's check it!
+if [ ! -r "$DUMPFILE" -o  ! -f "$DUMPFILE" ]
+then echo -e "$MSG_BADDUMP $DUMPFILE"; exit 1; fi
+# We've an existing dumpfile.
+
+# The composition must be running - silently gives up here if not.
+#
+[[ -z "$(cd "$SERVICE_BASE"; "$DOCKER_COMPOSE" $commandstring ps --services --filter "status=running")" ]] \
+&& exit 1
+
+# Parses the YMLFILE for parameters to use.
+#
+function parse { [[ -z "$1" ]] && return
+    # Gets the live lines containing the parameter.
+    value=$("$CAT" "$YMLFILE" | "$GREP" -ve '^#' | \
+            "$GREP" -e "^ *$1" | "$TR" -d '\r')
+    # If multiple the last one to consider.
+    value=$(echo -e  "$value" | "$TAIL" -n1)
+    # Right side of the colon W/O leading and trailing spaces and quotes.
+    value=$(echo -ne "$value" | "$CUT" -d':' -f2 | "$XARGS")
+    # Removes the trailing semicolon (if any).
+    value=${value%;*}
+    echo -e "$value"; return
+}
+# These parameters are mandatory.
+MYCONTAINER="$PAR_SERVICE" # TODO: guess from the yml
+if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOPARAM PAR_SERVICE" >&2; exit 1; fi1; fi
+MYDATABASE="$(parse "$PROP_DBNAME")"
+if [ -z "$MYDATABASE" ]; then echo "$MSG_NOPARAM $PROP_DBNAME" >&2; exit 1; fi
+MYUSER="$(parse "$PROP_DBUSER")"
+if [ -z "$MYUSER" ]; then echo "$MSG_NOPARAM $PROP_DBUSER" >&2; exit 1; fi
+MYPASSWORD="$(parse "$PROP_DBPASS")"
+if [ -z "$MYPASSWORD" ]; then echo "$MSG_NOPARAM $PROP_DBPASS" >&2; exit 1; fi
+# These are optional.
+MYDBAUSER="root"
+MYDBAPASSWORD="$(parse "$PROP_DBAPASS")"
+# We've the configuration parsed.
+
+# Converts the database service name to an actual running container's name.
+#
+MYCONTAINER="$("$DOCKER" inspect -f '{{.Name}}' $(cd "$SERVICE_BASE"; "$DOCKER_COMPOSE" $commandstring ps -q "$MYCONTAINER") | "$CUT" -c2-)"
+# Gives up here if failed.
+if [ -z "$MYCONTAINER" ]; then echo "$MSG_NOLOCATE" >&2; exit 1; fi
+
+# Calls the worker script to make the job.
+#
+export MYDBAUSER MYDBAPASSWORD MYPASSWORD
+"$MYSQL_RESTOREDB" -C "$MYCONTAINER" -U "$MYUSER" "$MYDATABASE" "$DUMPFILE"
+
+# That's all, Folks! :)