marcusconsulting/docker-skeleton
2
0
Fork 0
Code

Compare commits

base: marcusconsulting:8f962df620fefce281a59830918043edcfb20ff7
Branches Tags
marcusconsulting:master
..
compare: marcusconsulting:48faad59c7f1675b5d8ae6dfe2117b40c8e82a63
Branches Tags
marcusconsulting:master

No commits in common. "8f962df620fefce281a59830918043edcfb20ff7" and "48faad59c7f1675b5d8ae6dfe2117b40c8e82a63" have entirely different histories.
8f962df620 ... 48faad59c7

15 changed files with 23 additions and 224 deletions
Show Stats Expand all files Collapse all files

BIN
.metadata
View File

Binary file not shown.

28
.recipes/staticweb_filebrowser/.templates/nginx/nginx_filebrowser.inc
View File

@ -1,28 +0,0 @@
# Includable nginx configuration.
#
# Additional Filebrowser service.
# Take a look to the proxy port setting.
location ~ /(api|files|login|static) {
proxy_pass http://localhost:$PAR_PROXYPORT;
error_page 500 502 503 504 @proxy_error;
client_max_body_size 1G;
keepalive_timeout 30;
proxy_read_timeout 300;
proxy_request_buffering on;
proxy_buffers 2048 16k;
proxy_buffer_size 16k;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}

10
.templates/bin/rotate_folder
View File

@ -55,9 +55,6 @@
# Author: Kovács Zoltán <kovacs.zoltan@smartfront.hu> # Author: Kovács Zoltán <kovacs.zoltan@smartfront.hu>
# Kovács Zoltán <kovacsz@marcusconsulting.hu> # Kovács Zoltán <kovacsz@marcusconsulting.hu>
# License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html) # License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html)
# 2025-03-06 v1.1
# new: added the --noconf option which prevents reading and creating
# the configuration file.
# 2023-06-18 v1.0 # 2023-06-18 v1.0
# new: forked from the "SMARTERP_skeleton" repository. # new: forked from the "SMARTERP_skeleton" repository.
# 2021.02.12 v0.3 # 2021.02.12 v0.3
@ -80,7 +77,6 @@ RETAIN_MONTHS=${RETAIN_MONTHS-"12"}
# Other initialisations (maybe overridden by configuration). # Other initialisations (maybe overridden by configuration).
# #
DOIT="" DOIT=""
NOCONF=""
# Messages (maybe overriden by configuration). # Messages (maybe overriden by configuration).
# #
@ -110,7 +106,6 @@ do
case ${option} in case ${option} in
"-" ) "-" )
if [ "$OPTARG" = "doit" ]; then DOIT="yes" if [ "$OPTARG" = "doit" ]; then DOIT="yes"
elif [ "$OPTARG" = "noconf" ]; then NOCONF="yes"
else echo "$MSG_BADOPT --$OPTARG" >&2; exit 1 else echo "$MSG_BADOPT --$OPTARG" >&2; exit 1
fi fi
;; ;;
@ -140,10 +135,9 @@ BACKUP_FOLDER=${BACKUP_FOLDER%/}
if [ -z "$BACKUP_FOLDER" -o ! -d "$BACKUP_FOLDER" -o ! -w "$BACKUP_FOLDER" ] if [ -z "$BACKUP_FOLDER" -o ! -d "$BACKUP_FOLDER" -o ! -w "$BACKUP_FOLDER" ]
then echo -e "$MSG_BADFOLDER $BACKUP_FOLDER" >&2; exit 1; fi then echo -e "$MSG_BADFOLDER $BACKUP_FOLDER" >&2; exit 1; fi
# Applies the configuration (if it exists and if it doesn't need to be ignored). # Gets the configuration (if any).
BACKUP_CONF="$BACKUP_FOLDER/.$("$BASENAME" "$0").conf" BACKUP_CONF="$BACKUP_FOLDER/.$("$BASENAME" "$0").conf"
if [ "$NOCONF" = "yes" ]; then : if [ -r $BACKUP_CONF ]; then . "$BACKUP_CONF"
elif [ -r $BACKUP_CONF ]; then . "$BACKUP_CONF"
else else
# Warns about failure. # Warns about failure.
echo -e "$MSG_NOCONF $BACKUP_CONF" echo -e "$MSG_NOCONF $BACKUP_CONF"

25
.templates/nginx/nginx.conf
View File

@ -67,15 +67,24 @@ server {
You may report this at <a href='mailto:$server_admin'>$server_admin</a>.</span>"; You may report this at <a href='mailto:$server_admin'>$server_admin</a>.</span>";
} }
# #
# Optional export backups function. # Static service.
# Needs ACLs, see the include file. # location / {
#include $PAR_SERVICE/configs/nginx_xport.inc; # root $PAR_SERVICE/storage/volumes/staticweb/;
# allow all;
# autoindex off;
# index index.html index.htm;
# try_files $ri $uri/ =404;
# }
# #
# Optional simple static service. # No static service, but we may provide the OPTIONS for a potential DAV client.
#include $PAR_SERVICE/configs/nginx_static.inc; # location / {
# # types { } default_type text/html;
# Optional simple disabled-static servioe. ## dav_ext_methods OPTIONS;
#include $PAR_SERVICE/configs/nginx_nostatic.inc; # if ($request_method != OPTIONS) {
# return 404 "<span style='font-size: x-large'>Sorry try <a href='$scheme://$server_name/$PAR_LOCATION'>$scheme://$server_name/$PAR_LOCATION</a> instead.</span>";
## return 302 $scheme://$server_name/$PAR_LOCATION;
# }
# }
################################################################################## ##################################################################################
# The SSL part # The SSL part

11
.templates/nginx/nginx_nostatic.inc
View File

@ -1,11 +0,0 @@
# Includable nginx configuration.
#
# A simple no-static service.
location / {
types { } default_type text/html;
# dav_ext_methods OPTIONS;
if ($request_method != OPTIONS) {
return 404 "<span style='font-size: x-large'>Sorry try <a href='$scheme://$server_name/$PAR_LOCATION'>$scheme://$server_name/$PAR_LOCATION</a> instead.</span>";
# return 302 $scheme://$server_name/$PAR_LOCATION;
}
}

10
.templates/nginx/nginx_static.inc
View File

@ -1,10 +0,0 @@
# Includable nginx configuration.
#
# A simple static service.
location / {
root $PAR_SERVICE/storage/volumes/staticweb/;
allow all;
autoindex off;
index index.html index.htm;
try_files $ri $uri/ =404;
}

18
.templates/nginx/nginx_xport.inc
View File

@ -1,18 +0,0 @@
# Includable nginx configuration.
#
# Export backups feature.
# Needs
# setfacl -m u:www-data:r [...]/configs/xport_backup
# setfacl -m u:www-data:rx [...]/storage/backups
# setfacl -d -m u:www-data:r [...]/storage/backups/export
# ACLs.
location /export {
root $PAR_SERVICE/storage/backups;
auth_basic "Export backups area";
auth_basic_user_file $PAR_SERVICE/configs/xport_backup;
allow all;
autoindex on;
autoindex_exact_size off;
autoindex_format html;
autoindex_localtime on;
}

1
configs/.gitignore vendored
View File

@ -1,5 +1,4 @@
# Ignore everything else in this directory. # Ignore everything else in this directory.
* *
!certs !certs
!xport_backup
!.gitignore !.gitignore

3
configs/xport_backup
View File

@ -1,3 +0,0 @@
# Credentials file for exported backups feature.
# Needs username:apr1-hashed password entries, one per line.
# Use https://htpasswd.utils.com/ or some similar to fill in.

5
storage/.gitignore vendored
View File

@ -1,5 +0,0 @@
# Ignore everything in this directory except this folders.
*
!.gitignore
!backups
!volumes

5
storage/backups/.gitignore vendored
View File

@ -1,5 +0,0 @@
# Ignore everything in this directory except these files.
*
!.gitignore
!export
!tarballs

4
storage/backups/export/.gitignore vendored
View File

@ -1,4 +0,0 @@
# Ignore everything in this directory except this file.
*
!.gitignore
!.rotate_folder.conf

9
storage/backups/export/.rotate_folder.conf
View File

@ -1,9 +0,0 @@
# This is a shell script excerpt for configuration purposes only.
# Handle with care! Please don't put code here, only variables.
CLASSES_PATTERN="^([^.]*)\..*\.$HOSTNAME\.(dmp|sql\.gz|tgz|log)$"
DOIT="yes" # if empty the script makes a dry run
RETAIN_DAYS=7 # retains all files created within that many days
RETAIN_WEEKS=0 # retains one file per week/month,
RETAIN_MONTHS=0 # created within that many weeks/months

105
tools/backup.d/xport_backup.sh
View File

@ -1,105 +0,0 @@
#!/bin/bash
#
# Optional additional backup operation, intended to export an (almost)
# up-to-date downloadable copy for our customers about their data
# handled by us. The script synchronizes some of the existing backup
# files to an export folder that can be downloaded from the web.
#
# Uses the rotate_folder tool to select files to synchronize.
# This tool must be somewhere in the path.
#
# Author: Kovács Zoltán <kovacsz@marcusconsulting.hu>
# License: GNU/GPL v3+ (https://www.gnu.org/licenses/gpl-3.0.en.html)
# 2025-03-06 v0.1 Initial release
# Accepted environment variables and their defaults.
PAR_BASEDIR=${PAR_BASEDIR:-""} # Service's base folder
PAR_DUMPDIR=${PAR_DUMPDIR:-""} # Absolute path to DB dumps
PAR_EXPORTDIR=${PAR_EXPORTDIR:-""} # Absolute path to export dir
PAR_RETAINDAYS=${PAR_RETAINDAYS:-"1"} # Days to retain the copies
PAR_TARBALLDIR=${PAR_TARBALLDIR:-""} # Absolute path to tgz dumps
# Other initialisations.
CLASSES_PATTERN="^([^.]*)\..*\.$HOSTNAME\.(dmp|sql\.gz|tgz|log)$"
DUMPPATH="storage/backups/dumps" # Default path to DB dumps
EXPORTPATH="storage/backups/export" # Default path to export dir
TARBALLPATH="storage/backups/tarballs" # Default path to tgz dumps
USER=${USER:-LOGNAME} # Fix for cron enviroment only
YMLFILE="docker-compose.yml"
# Messages.
MSG_MISSINGDEP="Fatal: missing dependency"
MSG_MISSINGYML="Fatal: didn't find the docker-compose.yml file"
MSG_NONWRITE="The target directory isn't writable"
# Checks the dependencies.
TR=$(which tr 2>/dev/null)
if [ -z "$TR" ]; then echo "$MSG_MISSINGDEP tr."; exit 1 ; fi
for item in cp cut date dirname grep hostname readlink rotate_folder tar
do
if [ -n "$(which $item)" ]
then export $(echo $item | "$TR" '[:lower:]' '[:upper:]' | "$TR" '-' '_')=$(which $item)
else echo "$MSG_MISSINGDEP $item." >&2; exit 1; fi
done
# Where I'm?
# https://gist.github.com/TheMengzor/968e5ea87e99d9c41782
SOURCE="$0"
while [ -h "$SOURCE" ]; do
# resolve $SOURCE until the file is no longer a symlink
SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && pwd )" #"
SOURCE="$("$READLINK" "$SOURCE")"
# if $SOURCE was a relative symlink, we need to resolve it
# relative to the path where the symlink file was located
[[ $SOURCE != /* ]] && SOURCE="$SCRPATH/$SOURCE"
done; SCRPATH="$( cd -P "$("$DIRNAME" "$SOURCE" )" && pwd )" #"
# Searches the base folder, containing a docker-compose.yml file.
# Called from the base folder (./)?
BASE_DIR="$PAR_BASEDIR"
TEST_DIR="$SCRPATH"
[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
# Called from ./tools?
TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
# Called from ./tools/*.d?
TEST_DIR="$("$DIRNAME" "$TEST_DIR")"
[[ -z "$BASE_DIR" ]] && [[ -r "$TEST_DIR/$YMLFILE" ]] && BASE_DIR="$TEST_DIR"
# On failure gives it up here.
if [ -z "$BASE_DIR" -o ! -r "$BASE_DIR/$YMLFILE" ]; then
echo "$MSG_MISSINGYML" >&2; exit 1
fi
# Sets the absolute paths.
DUMPDIR="${PAR_DUMPDIR:-$BASE_DIR/$DUMPPATH}"
EXPORTDIR="${PAR_EXPORTDIR:-$BASE_DIR/$EXPORTPATH}"
TARBALLDIR="${PAR_TARBALLDIR:-$BASE_DIR/$TARBALLPATH}"
# Exits silently if EXPORTDIR isn't present.
[[ ! -e "$EXPORTDIR" ]] && exit 0
# EXPORTDIR must be writable.
[[ ! -w "$EXPORTDIR" ]] \
&& echo "$MSG_NONWRITE: $BACKUPDIR" >&2 && exit 1
# Let's select and copy the appropriate backup files.
#
# We'll call rotate_folder (dry run) with CLASSES_PATTERN and PAR_RETAINDAYS
# set above to select relevant files created in the backup folders within last
# PAR_RETAINDAYS days. These files are synchronized with the cp -u statement.
#
# Enumerates the folders.
for folder in "$DUMPDIR" "$TARBALLDIR"
do
# Selects the appropriate files (which have the "DR" - daily retain - tag).
for filename in $((export CLASSES_PATTERN="$CLASSES_PATTERN" \
RETAIN_DAYS="$PAR_RETAINDAYS" RETAIN_WEEKS=0 RETAIN_MONTHS=0; \
"$ROTATE_FOLDER" --noconf -f "$folder") | \
"$GREP" '^DR ' | "$CUT" -d' ' -f2) ""
do
# Updates the current file.
if [ -n "$filename" ]; then
"$CP" -u "$folder/$filename" "$EXPORTDIR/" 2>/dev/null
fi
done
done
# That's all, Folks! :)

13
tools/customize_nginx.sh
View File

@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
PAR_SERVICENAME="" PAR_SERVICENAME=
PAR_PROXYHOST="localhost" PAR_PROXYHOST="localhost"
PAR_PROXYPORT="8201" PAR_PROXYPORT="8201"
PAR_SERVERNAME="myservice.example.com" PAR_SERVERNAME="myservice.example.com"
PAR_LOCATION= PAR_LOCATION=
PAR_WEBMASTER="webmaster@example.com" # Valid support email address PAR_WEBMASTER="webmaster@example.com" # Valid support email address
################################################################################ ################################################################################
# There is nothing to change below this line (I hope) # There is nothing to change below this line (I hope)
@ -18,13 +18,8 @@ PAR_SERVICE="$HOME/services/$PAR_SERVICENAME"
PARAMETERS='$PAR_ACMEHOST:$PAR_ACMEPORT:$PAR_SERVICE:$PAR_PROXYHOST:$PAR_PROXYPORT:$PAR_SERVERNAME:$PAR_LOCATION:$PAR_WEBMASTER' PARAMETERS='$PAR_ACMEHOST:$PAR_ACMEPORT:$PAR_SERVICE:$PAR_PROXYHOST:$PAR_PROXYPORT:$PAR_SERVERNAME:$PAR_LOCATION:$PAR_WEBMASTER'
for parameter in $(echo "$PARAMETERS" | tr ":" "\n") for parameter in $(echo "$PARAMETERS" | tr ":" "\n")
do export ${parameter:1}; done do export ${parameter:1}; done
for template in $(cd "$PAR_SERVICE/.templates/nginx/"; ls -1 nginx*) "" cat "$PAR_SERVICE/.templates/nginx/nginx.conf" | envsubst "$PARAMETERS" \
do > "$PAR_SERVICE/configs/nginx.conf"
if [ -n "$template" ]; then
cat "$PAR_SERVICE/.templates/nginx/$template" | envsubst "$PARAMETERS" \
> "$PAR_SERVICE/configs/$template"
fi
done
touch $PAR_SERVICE/logs/web/access.log $PAR_SERVICE/logs/web/error.log touch $PAR_SERVICE/logs/web/access.log $PAR_SERVICE/logs/web/error.log
chmod 660 $PAR_SERVICE/logs/web/access.log $PAR_SERVICE/logs/web/error.log chmod 660 $PAR_SERVICE/logs/web/access.log $PAR_SERVICE/logs/web/error.log