From fd85442440e041793bd030597c33b62b9b0c636e Mon Sep 17 00:00:00 2001 From: Lubomir Stanko Date: Mon, 22 Apr 2024 12:01:54 +0200 Subject: [PATCH] Update local development to use prebuilt anzusystems node docker image --- .github/workflows/ci.yml | 30 +-- docker-compose.yml | 4 +- docker/app/local/Dockerfile | 188 ++---------------- .../local/{usr/local => }/bin/start-command | 0 docker/app/local/etc/fonts/local.conf | 34 ---- .../app/local/etc/nginx/conf.d/default.conf | 57 ------ docker/app/local/etc/nginx/nginx.conf | 39 ---- .../local/etc/supervisor/conf.d/nginx.conf | 13 -- .../etc/supervisor/conf.d/node-server.conf | 12 -- .../app/local/etc/supervisor/supervisord.conf | 23 --- docker/app/local/usr/local/bin/env-config | 176 ---------------- docker/app/local/usr/local/bin/fix-user | 94 --------- docker/app/local/usr/share/dbus-1/system.conf | 141 ------------- 13 files changed, 30 insertions(+), 781 deletions(-) rename docker/app/local/{usr/local => }/bin/start-command (100%) delete mode 100644 docker/app/local/etc/fonts/local.conf delete mode 100644 docker/app/local/etc/nginx/conf.d/default.conf delete mode 100644 docker/app/local/etc/nginx/nginx.conf delete mode 100644 docker/app/local/etc/supervisor/conf.d/nginx.conf delete mode 100644 docker/app/local/etc/supervisor/conf.d/node-server.conf delete mode 100644 docker/app/local/etc/supervisor/supervisord.conf delete mode 100755 docker/app/local/usr/local/bin/env-config delete mode 100755 docker/app/local/usr/local/bin/fix-user delete mode 100644 docker/app/local/usr/share/dbus-1/system.conf diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 97a1fb30..b833e8e8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,4 +1,5 @@ -name: 'CI' +name: CI for AnzuSystems Admin-DAM by Petit Press a.s. (www.sme.sk) + on: push: branches: @@ -15,27 +16,26 @@ jobs: lint: strategy: matrix: - node-version: - - '20' - platform: - - ubuntu-latest + include: + - node-version: 20 + docker-image: anzusystems/node:1.0.0 - name: Lint - runs-on: ${{ matrix.platform }} + name: Node ${{ matrix.node-version }} + runs-on: ubuntu-latest + container: ${{ matrix.docker-image }} if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository steps: - name: Checkout uses: actions/checkout@v4 - - name: Enable corepack - run: corepack enable - - - name: Setup Node - uses: actions/setup-node@v4 + - name: Cache Yarn packages + id: yarn-cache + uses: actions/cache@v3 with: - node-version: ${{ matrix.node-version }} - cache: 'yarn' - cache-dependency-path: 'yarn.lock' + path: node_modules + key: ${{ runner.os }}-yarn-${{ hashFiles('yarn.lock', '*/yarn.lock') }} + restore-keys: | + ${{ runner.os }}-yarn- - name: Install dependencies run: yarn install --immutable diff --git a/docker-compose.yml b/docker-compose.yml index 5d6b9890..8ed8be33 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,7 +9,7 @@ services: dockerfile: ./docker/app/local/Dockerfile environment: - VIRTUAL_HOST=admin-dam.anzusystems.local - - VIRTUAL_PORT=8080 + - VIRTUAL_PORT=${NGINX_PORT:-8151} external_links: - local-proxy:core-dam.anzusystems.local - local-proxy:admin-dam.anzusystems.local @@ -21,7 +21,7 @@ services: - .:/var/www/html:cached ports: - ${DOCKER_VUE_DEV_PORT:-8150}:${DOCKER_VUE_DEV_PORT:-8150} - - ${NGINX_PORT:-8151}:8080 + - ${NGINX_PORT:-8151}:${NGINX_PORT:-8151} hostname: admin-dam.anzusystems.local privileged: true networks: diff --git a/docker/app/local/Dockerfile b/docker/app/local/Dockerfile index c8842ca6..3d44a077 100644 --- a/docker/app/local/Dockerfile +++ b/docker/app/local/Dockerfile @@ -1,181 +1,19 @@ -FROM node:20-bookworm-slim +FROM anzusystems/node:1.0.0-node20-nginx-browsers -# ---------------------------------------------------------------------------------------------------------------------- -# ENVIRONMENT VARIABLES -# ---------------------------------------------------------------------------------------------------------------------- +# +### Basic arguments and variables ARG DOCKER_USER ARG DOCKER_USER_ID ARG DOCKER_GROUP_ID -# Versions -# Nginx version -ENV NGINX_VERSION=1.24.0 \ - NGINX_NJS_VERSION=0.8.2 \ - NGINX_PKG_RELEASE=1~bookworm \ -# Supervisor version - SUPERVISOR_VERSION=4.2.5 \ - SUPERVISOR_PKG_RELEASE=1 \ -# NPM version - NPM_VERSION=10.2.5 \ -# Yarn version - DOCKER_YARN_VERSION=4.0.2 \ -# Browsers version - CHROME_VERSION=120.0.6099.71 \ - FIREFOX_VERSION=120.0.1 -# Common environment variables -ENV CONTAINER_STOP_LOG_FILE="/var/www/html/var/log/container_stop.log" \ - COREPACK_HOME="/usr/lib/node/corepack" \ - DBUS_SESSION_BUS_ADDRESS=/dev/null \ - DISPLAY=:99 \ - MAIN_TERMINATED_FILE="/var/www/html/var/log/main-terminated" \ - NPM_CONFIG_LOGLEVEL=notice \ - YARN_CACHE_FOLDER="/var/cache/yarn" \ - YARN_ENABLE_TELEMETRY=0 \ - # Unset yarn version - it could break things - YARN_VERSION= -# Packages -ENV RUN_DEPS="ca-certificates \ - curl \ - g++ \ - gcc \ - gettext-base \ - git \ - gnupg \ - less \ - logrotate \ - lsb-release \ - make \ - openssh-client \ - procps \ - vim \ - wget" - -# ---------------------------------------------------------------------------------------------------------------------- -# PACKAGES -# ---------------------------------------------------------------------------------------------------------------------- -RUN apt-get update && \ - apt-get install -y \ - ${RUN_DEPS} \ - supervisor=${SUPERVISOR_VERSION}-${SUPERVISOR_PKG_RELEASE} && \ -# Cleanup - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -# ---------------------------------------------------------------------------------------------------------------------- -# NPM -# Install static npm version -# ---------------------------------------------------------------------------------------------------------------------- -RUN npm install --location=global npm@${NPM_VERSION} && \ - mkdir -p ${COREPACK_HOME} && \ - corepack prepare yarn@${DOCKER_YARN_VERSION} --activate && \ - corepack enable && \ -# Node cache cleanup - npm cache clean --force && \ - yarn cache clean --all - -# ---------------------------------------------------------------------------------------------------------------------- -# NGINX -# ---------------------------------------------------------------------------------------------------------------------- -RUN NGINX_KEYRING=/usr/share/keyrings/nginx-archive-keyring.gpg && \ - NGINX_REPO=nginx && \ - echo "deb [signed-by=${NGINX_KEYRING}] http://nginx.org/packages/debian $(lsb_release -cs) ${NGINX_REPO}" > /etc/apt/sources.list.d/${NGINX_REPO}.list && \ - curl -fsSL https://nginx.org/keys/nginx_signing.key | gpg --dearmor > ${NGINX_KEYRING} && \ - apt-get update && \ - apt-get install --no-install-recommends --no-install-suggests -y \ - nginx=${NGINX_VERSION}-${NGINX_PKG_RELEASE} \ - nginx-module-xslt=${NGINX_VERSION}-${NGINX_PKG_RELEASE} \ - nginx-module-geoip=${NGINX_VERSION}-${NGINX_PKG_RELEASE} \ - nginx-module-image-filter=${NGINX_VERSION}-${NGINX_PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}+${NGINX_NJS_VERSION}-${NGINX_PKG_RELEASE} && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -# ---------------------------------------------------------------------------------------------------------------------- -# USER SETUP -# ---------------------------------------------------------------------------------------------------------------------- -RUN ln -sf /dev/stdout /var/log/nginx/access.log && \ - ln -sf /dev/stderr /var/log/nginx/error.log && \ - mkdir -p /run/nginx && \ - chown node:node -R \ - /etc/nginx \ - /run/nginx \ - /var/log/nginx && \ - sed -i 's/^#alias l/alias l/g' /home/node/.bashrc && \ - echo "update-notifier=false" > /home/node/.npmrc && \ - mkdir -p \ - ${YARN_CACHE_FOLDER} \ - /home/node/.yarn \ - /var/cache/nginx \ - /usr/local/lib/node_modules \ - /var/run/supervisor \ - /var/www/html/var && \ - chown node:node -R \ - ${COREPACK_HOME} \ - ${YARN_CACHE_FOLDER} \ - /etc/nginx \ - /home/node/.npmrc \ - /home/node/.yarn \ - /run/nginx \ - /usr/local/bin \ - /usr/local/lib/node_modules \ - /var/cache/nginx \ - /var/log/nginx \ - /var/run/supervisor \ - /var/www/html - -# ---------------------------------------------------------------------------------------------------------------------- -# BROWSERS SETUP -# ---------------------------------------------------------------------------------------------------------------------- -# Install Needed packages -RUN apt-get update && \ - apt-get install --no-install-recommends -y \ - bzip2 \ - dbus-x11 \ - libasound2 \ - libgbm-dev \ - libgconf-2-4 \ - libgtk-3-0 \ - libgtk2.0-0 \ - libnotify-dev \ - libnss3 \ - libxss1 \ - libxtst6 \ - xauth \ - xvfb && \ -# Cleanup - apt-get clean && \ - rm -r /var/lib/apt/lists/* -# Install Google Chrome -RUN wget -q -O /usr/src/google-chrome-stable_current_amd64.deb "https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${CHROME_VERSION}-1_amd64.deb" && \ - apt-get update && \ - dpkg -i /usr/src/google-chrome-stable_current_amd64.deb ; \ - apt-get install -f -y && \ - rm -f /usr/src/google-chrome-stable_current_amd64.deb && \ -# Cleanup - apt-get clean && \ - rm -r /var/lib/apt/lists/* -# Install Firefox -RUN wget -q -O /tmp/firefox.tar.bz2 "https://download-installer.cdn.mozilla.net/pub/firefox/releases/${FIREFOX_VERSION}/linux-x86_64/en-US/firefox-${FIREFOX_VERSION}.tar.bz2" && \ - tar -C /opt -xjf /tmp/firefox.tar.bz2 && \ - rm -f /tmp/firefox.tar.bz2 && \ - ln -fs /opt/firefox/firefox /usr/bin/firefox - -# ---------------------------------------------------------------------------------------------------------------------- -# RUN CONFIGURATION -# ---------------------------------------------------------------------------------------------------------------------- -COPY --chown=node:node ./docker/app/local/etc /etc -COPY --chown=node:node ./docker/app/local/usr /usr - -# ---------------------------------------------------------------------------------------------------------------------- -# PERMISSIONS FIX -# ---------------------------------------------------------------------------------------------------------------------- -# Change USER_ID and GROUP_ID for nonroot container user if needed and install mysql-client +ENV DISPLAY=:99 +# +### Copy configuration files in to the container +COPY --chown=node:node docker/app/local/bin /usr/local/bin/ +# +### Change USER_ID and GROUP_ID for nonroot container user if needed +USER root RUN fix-user ${DOCKER_USER} node ${DOCKER_USER_ID} ${DOCKER_GROUP_ID} - -# ---------------------------------------------------------------------------------------------------------------------- -# RUN -# Run setup and entrypoint start -# ---------------------------------------------------------------------------------------------------------------------- -WORKDIR /var/www/html - -# Start +# +### Basic user setup and start +USER root CMD ["start-command"] diff --git a/docker/app/local/usr/local/bin/start-command b/docker/app/local/bin/start-command similarity index 100% rename from docker/app/local/usr/local/bin/start-command rename to docker/app/local/bin/start-command diff --git a/docker/app/local/etc/fonts/local.conf b/docker/app/local/etc/fonts/local.conf deleted file mode 100644 index 07f242c0..00000000 --- a/docker/app/local/etc/fonts/local.conf +++ /dev/null @@ -1,34 +0,0 @@ - - - - - -rgb - - - - -true - - - - -hintslight - - - - -true - - - - -lcddefault - - - - -false - - - \ No newline at end of file diff --git a/docker/app/local/etc/nginx/conf.d/default.conf b/docker/app/local/etc/nginx/conf.d/default.conf deleted file mode 100644 index 75c74966..00000000 --- a/docker/app/local/etc/nginx/conf.d/default.conf +++ /dev/null @@ -1,57 +0,0 @@ -map $status $static_cache_control_header { - 404 "no-cache, no-store, must-revalidate"; - default "public, max-age=60, s-maxage=60"; -} - -server { - listen 8080; - - root /var/www/html/dist; - index index.html; - client_max_body_size 1m; - large_client_header_buffers 4 16k; - - #App paths - location / { - try_files $uri $uri/ @rewrites; - } - - location @rewrites { - rewrite ^(.+)$ /index.html last; - } - - location ~* \.html?$ { - expires -1; - add_header Pragma "no-cache"; - add_header Cache-Control "no-store, must-revalidate"; - add_header Host $host; - - # Custom nginx response headers - add_header 'X-Robots-Tag' 'noindex, nofollow, noarchive, nosnippet' always; - add_header 'X-XSS-Protection' '1; mode=block' always; - add_header 'X-Content-Type-Options' 'nosniff' always; - } - - location ~* ^[^\?\&]+\.(json|zip|tgz|gz|rar|bz2|doc|xls|pdf|ppt|txt|tar|rtf|mid|midi|wav)$ { - add_header Host $host; - - # Custom nginx response headers - add_header 'X-Robots-Tag' 'noindex, nofollow, noarchive, nosnippet' always; - add_header 'X-XSS-Protection' '1; mode=block' always; - add_header 'X-Content-Type-Options' 'nosniff' always; - } - - location ~* ^[^\?\&]+\.(jpg|jpeg|gif|png|ico|css|js|svg|bmp|eot|woff|woff2|ttf)$ { - add_header Host $host; - add_header Cache-Control $static_cache_control_header always; - - # Custom nginx response headers - add_header 'X-Robots-Tag' 'noindex, nofollow, noarchive, nosnippet' always; - add_header 'X-XSS-Protection' '1; mode=block' always; - add_header 'X-Content-Type-Options' 'nosniff' always; - } - - location ~ /\.ht { - deny all; - } -} diff --git a/docker/app/local/etc/nginx/nginx.conf b/docker/app/local/etc/nginx/nginx.conf deleted file mode 100644 index be3efbbd..00000000 --- a/docker/app/local/etc/nginx/nginx.conf +++ /dev/null @@ -1,39 +0,0 @@ -worker_processes 1; -worker_rlimit_nofile 65535; - -error_log /var/log/nginx/error.log warn; -pid /run/nginx/nginx.pid; - -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" $status ' - '$body_bytes_sent' - 'B ' - '$request_time' - 's ' - '"$http_referer" "$http_user_agent" "$http_x_forwarded_for" "$http_x_forwarded_proto"'; - client_body_temp_path /tmp/client_temp; - proxy_temp_path /tmp/proxy_temp_path; - fastcgi_temp_path /tmp/fastcgi_temp; - uwsgi_temp_path /tmp/uwsgi_temp; - scgi_temp_path /tmp/scgi_temp; - - access_log /var/log/nginx/access.log main; - - server_tokens off; - keepalive_timeout 650; - keepalive_requests 10000; - sendfile on; - - gzip on; - gzip_proxied any; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/docker/app/local/etc/supervisor/conf.d/nginx.conf b/docker/app/local/etc/supervisor/conf.d/nginx.conf deleted file mode 100644 index 5fe4411f..00000000 --- a/docker/app/local/etc/supervisor/conf.d/nginx.conf +++ /dev/null @@ -1,13 +0,0 @@ -[program:nginx] -command=/usr/sbin/nginx -g "daemon off;" -autostart=true -autorestart=unexpected -# Expect 0 exit code returned when stopping the container -exitcodes=0 -priority=10 -stdout_events_enabled=true -stderr_events_enabled=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 diff --git a/docker/app/local/etc/supervisor/conf.d/node-server.conf b/docker/app/local/etc/supervisor/conf.d/node-server.conf deleted file mode 100644 index b773d5c6..00000000 --- a/docker/app/local/etc/supervisor/conf.d/node-server.conf +++ /dev/null @@ -1,12 +0,0 @@ -; Node dev server -[program:node-server] -command=yarn dev -autostart=false -autorestart=true -priority=5 -stdout_logfile=/var/www/html/var/log/node_server.log -stdout_logfile_maxbytes=10MB -stdout_logfile_backups=1 -stderr_logfile=/var/www/html/var/log/node_server_error.log -stderr_logfile_maxbytes=10MB -stderr_logfile_backups=1 diff --git a/docker/app/local/etc/supervisor/supervisord.conf b/docker/app/local/etc/supervisor/supervisord.conf deleted file mode 100644 index dae2dc20..00000000 --- a/docker/app/local/etc/supervisor/supervisord.conf +++ /dev/null @@ -1,23 +0,0 @@ -[unix_http_server] -file=/var/run/supervisor/supervisor.sock -chmod=0700 -username=docker -password=docker - -[supervisorctl] -serverurl=unix:///var/run/supervisor/supervisor.sock -username=docker -password=docker - -[supervisord] -nodaemon=true -logfile=/dev/stdout -logfile_maxbytes=0 -pidfile=/var/run/supervisor/supervisord.pid -loglevel=info - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface - -[include] -files = /etc/supervisor/conf.d/*.conf diff --git a/docker/app/local/usr/local/bin/env-config b/docker/app/local/usr/local/bin/env-config deleted file mode 100755 index bac6c904..00000000 --- a/docker/app/local/usr/local/bin/env-config +++ /dev/null @@ -1,176 +0,0 @@ -#!/bin/bash -# Script used to run the setup of config.json file using .env files and exported variables: -# - if the variable is exported in system, then it is left untouched and not exported from any env file -# - all missing variables are exported from main env file if exists -# - all missing variables (the same as from main env file) are exported from local env file if exists -set -eo pipefail - -CONFIG_DIST_PATH="public/config.json.dist" -CONFIG_PATH="public/config.json" -DEBUG=false -END_FLOW=false -ENV_APPLICATION_FILE_DIST=".env" -ENV_APPLICATION_FILE=".env.local" -PROJECT_ROOT="/var/www/html" - -function echo_debug() { - if ${DEBUG}; then - echo -e "[DEBUG] $*" - fi -} - -function help() { - echo -en "$(printf %q "${BASH_SOURCE[0]}") [OPERATION] [OPTIONS]... - \nBash script to run env config.json setup inside the container. - - Options: - --config-dist-path (Optional) Path to existing config.json.dist file - Default: public/config.json.dist - --config-path (Optional) Path to config.json file to be created - Default: public/config.json - --debug (Optional) Whether to enable debug output - --env-dist-file (Optional) Path to existing .env file - Default: .env - --env-file (Optional) Path to .env.local file to be created - Default: .env.local - --project-root (Optional) Path project home where to find config and env files - Default: /var/www/html - - Examples: - $(printf %q "${BASH_SOURCE[0]}") --config-dist-path dist/config.json.dist --config-path dist/config.json - \n" -} - -function set_vars_from_file() { - while IFS= read -r variable; do - variable_name=$(echo "${variable?}" | cut -d "=" -f 1) - variable_value=$(echo "${variable?}" | cut -d "=" -f 2) - # Export only missing variables - if echo "${MISSING_VARIABLE_NAMES}" | grep -q -w "$variable_name"; then - ENV_VARS+=("export ${variable?}") - echo_debug "Preparing variable for export: ${variable?}" - fi - done < <(grep -v "^#" "$1" | sed '/^$/d') - echo_debug "Prepared variables for export:" "${ENV_VARS[@]}" - for var in "${ENV_VARS[@]}"; do eval "$var"; done -} - -while [ "$#" -gt 0 ]; do - case $1 in - --config-path) - CONFIG_PATH=$2 - shift 2 - continue - ;; - --config-path=*) - CONFIG_PATH=${1#*=} - shift 1 - continue - ;; - --config-dist-path) - CONFIG_DIST_PATH=$2 - shift 2 - continue - ;; - --config-dist-path=*) - CONFIG_DIST_PATH=${1#*=} - shift 1 - continue - ;; - --debug) - DEBUG=true - shift 1 - continue - ;; - --env-file) - ENV_APPLICATION_FILE=$2 - shift 2 - continue - ;; - --env-file=*) - ENV_APPLICATION_FILE=${1#*=} - shift 1 - continue - ;; - --env-dist-file) - ENV_APPLICATION_FILE_DIST=$2 - shift 2 - continue - ;; - --env-dist-file=*) - ENV_APPLICATION_FILE_DIST=${1#*=} - shift 1 - continue - ;; - --project-root) - PROJECT_ROOT=$2 - shift 2 - continue - ;; - --project-root=*) - PROJECT_ROOT=${1#*=} - shift 1 - continue - ;; - -h | --help) - help - exit - ;; - *) - echo "[WARN] Unknown command line switch: $1" >&2 - help - exit - ;; - esac -done - -if [ ! -f "${CONFIG_DIST_PATH}" ]; then - echo "[INFO] Project root: ${PROJECT_ROOT}" - echo "[ERROR] File ${CONFIG_DIST_PATH} does not exist, provide correct path using --config-dist-path option" - END_FLOW=true -fi - -if [ ! -f "${ENV_APPLICATION_FILE_DIST}" ]; then - echo "[INFO] Project root: ${PROJECT_ROOT}" - echo "[ERROR] File ${ENV_APPLICATION_FILE_DIST} does not exist, provide correct path using --env-dist-path option" - END_FLOW=true -fi - -if ${END_FLOW}; then - echo -e "\n" - help - exit 1 -fi - -cd "${PROJECT_ROOT}" || exit 1 - -# Get all variables from main env file -ALL_VARIABLE_NAMES=$(grep -v "^#" "${ENV_APPLICATION_FILE_DIST}" | sed -e '/^$/d' | cut -d "=" -f 1) -# Set missing variables to all variables, we will filter them later in the script -MISSING_VARIABLE_NAMES=${ALL_VARIABLE_NAMES} - -# Remove already exported (existing) variables from missing variables to make the list clear -for variable_name in ${ALL_VARIABLE_NAMES}; do - variable_temp="echo \${$variable_name}" - variable_value=$(eval "$variable_temp") - if [ -n "${variable_value?}" ]; then - MISSING_VARIABLE_NAMES=${MISSING_VARIABLE_NAMES/$variable_name//} - echo_debug "Variable already exported: ${variable_value?}" - fi -done -echo_debug "Variables to read from env files: ${MISSING_VARIABLE_NAMES}" - -# Export missing variables from main env file if exists -if [ -f "${ENV_APPLICATION_FILE_DIST}" ]; then - echo_debug "Reading variables from ${ENV_APPLICATION_FILE_DIST} file" - set_vars_from_file "${ENV_APPLICATION_FILE_DIST}" -fi - -# Export missing variables from local env file if exists -if [ -f "${ENV_APPLICATION_FILE}" ]; then - echo_debug "Reading variables from ${ENV_APPLICATION_FILE} file" - set_vars_from_file "${ENV_APPLICATION_FILE}" -fi - -mkdir -p "$(dirname "${CONFIG_PATH}")" -envsubst <"${CONFIG_DIST_PATH}" >"${CONFIG_PATH}" diff --git a/docker/app/local/usr/local/bin/fix-user b/docker/app/local/usr/local/bin/fix-user deleted file mode 100755 index 7ba79b00..00000000 --- a/docker/app/local/usr/local/bin/fix-user +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/bash -# -# Corrects UID and GID for container user according to host UID and GID if needed -# -# #1 Example: UID 1000 and GID 1000: -# ./fix-user test user 1000 1000 -# - 'user' has UID 1000 and GID 1000 by default - nothing will happen -# -# #2 Example: UID 501 (not exists in docker image) and GID 501 (not exists in docker image): -# ./fix-user test user 501 501 -# - 'user' UID will change to 501 -# - 'user' GID will change to 501 -# -# #3 Example: UID 35 (exists in docker image as 'games') and GID 100 (exists in docker image as 'users'): -# ./fix-user test user 35 100 -# - 'games' UID will change to random free UID (1100-2000) to release UID 35 -# - 'user' UID will change to 35 -# - adds user 'user' to group 'users' - -HOST_USER=$1 -CONTAINER_USER_NAME=$2 -HOST_USER_ID=$3 -HOST_GROUP_ID=$4 -# User name which exists under hosts user id -EXISTING_CONTAINER_USER_NAME=$(getent passwd "${HOST_USER_ID}" | cut -d: -f1) -EXISTING_CONTAINER_NEW_USER_ID="" -# Group name which exists under hosts group id -EXISTING_CONTAINER_GROUP_NAME=$(getent group "${HOST_GROUP_ID}" | cut -d: -f1) -# User ID of the container user -CONTAINER_USER_ID=$(id -u "${CONTAINER_USER_NAME}") -# Group ID and group name of the container user -CONTAINER_GROUP_ID=$(id -g "${CONTAINER_USER_NAME}") -CONTAINER_GROUP_NAME=$(getent group "${CONTAINER_GROUP_ID}" | cut -d: -f1) -FINAL_GROUP_NAME=${EXISTING_CONTAINER_GROUP_NAME} -SYSTEM_FOLDERS=" \ - ${COREPACK_HOME} \ - ${YARN_CACHE_FOLDER} \ - /etc/nginx \ - /home/node \ - /run/nginx \ - /usr/local/lib/node_modules \ - /usr/local/log \ - /var/log/nginx \ - /var/www/html \ -" - -# Skip this script if the host user is root -if [ "$HOST_USER" == "root" ]; then - exit 0 -fi - -# Final group name to be used will be container group if no other group exists with the host group ID -if [ -z "${FINAL_GROUP_NAME}" ]; then - FINAL_GROUP_NAME=${CONTAINER_GROUP_NAME} -fi - -# Generate new user ID to be used for existing container user -while [ -n "$(getent passwd "${EXISTING_CONTAINER_NEW_USER_ID}")" ]; do - EXISTING_CONTAINER_NEW_USER_ID=$(shuf -i 1100-2000 -n 1) -done - -# Change user ID for container user if needed -if [ -z "${EXISTING_CONTAINER_USER_NAME}" ] && [ ! "${CONTAINER_USER_ID}" == "${HOST_USER_ID}" ]; then - echo "Changing '${CONTAINER_USER_NAME}' user ID ${CONTAINER_USER_ID} to ${HOST_USER_ID}" - usermod -u "${HOST_USER_ID}" "${CONTAINER_USER_NAME}" -fi - -# Change user ID for existing container user and container user if needed -if [ -n "${EXISTING_CONTAINER_USER_NAME}" ] && [ ! "${EXISTING_CONTAINER_USER_NAME}" == "${CONTAINER_USER_NAME}" ]; then - echo "Changing '${EXISTING_CONTAINER_USER_NAME}' user ID ${HOST_USER_ID} to ${EXISTING_CONTAINER_NEW_USER_ID}" - usermod -u "${EXISTING_CONTAINER_NEW_USER_ID}" "${EXISTING_CONTAINER_USER_NAME}" 2>&1 - echo "Changing '${CONTAINER_USER_NAME}' user ID ${CONTAINER_USER_ID} to ${HOST_USER_ID}" - usermod -u "${HOST_USER_ID}" "${CONTAINER_USER_NAME}" -fi - -# Change group ID for container group name if needed -if [ "${FINAL_GROUP_NAME}" == "${CONTAINER_GROUP_NAME}" ] && [ ! "${CONTAINER_GROUP_ID}" == "${HOST_GROUP_ID}" ]; then - echo "Changing '${FINAL_GROUP_NAME}' group ID ${CONTAINER_GROUP_ID} to ${HOST_GROUP_ID}" - groupmod -g "${HOST_GROUP_ID}" "${FINAL_GROUP_NAME}" - find / -group "${CONTAINER_GROUP_ID}" -exec chgrp -h "${HOST_GROUP_ID}" {} \; -fi - -# Assign correct group for existing container user name if needed -if [ ! "${FINAL_GROUP_NAME}" == "${CONTAINER_GROUP_NAME}" ]; then - echo "Adding user with UID ${HOST_USER_ID} (${CONTAINER_USER_NAME}) to group with GID ${HOST_GROUP_ID} (${FINAL_GROUP_NAME})" - usermod -a -G "${FINAL_GROUP_NAME}" "${CONTAINER_USER_NAME}" 2>&1 -fi - -echo "Setting up system user permissions (${CONTAINER_USER_NAME}:${FINAL_GROUP_NAME})" -for folder in ${SYSTEM_FOLDERS}; do - if [ -d "$folder" ]; then - chown "${CONTAINER_USER_NAME}":"${FINAL_GROUP_NAME}" -R "$folder" - fi -done diff --git a/docker/app/local/usr/share/dbus-1/system.conf b/docker/app/local/usr/share/dbus-1/system.conf deleted file mode 100644 index 614ca754..00000000 --- a/docker/app/local/usr/share/dbus-1/system.conf +++ /dev/null @@ -1,141 +0,0 @@ - - - - - - - - - system - - - node - - - - - - - - - /usr/lib/dbus-1.0/dbus-daemon-launch-helper - - - /run/dbus/pid - - - - - - EXTERNAL - - - unix:path=/run/dbus/system_bus_socket - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /etc/dbus-1/system.conf.dpkg-bak - - - - - - - - - - - - - - - - - - - - - system.d - - /etc/dbus-1/system.d - - - /etc/dbus-1/system-local.conf - - contexts/dbus_contexts - - \ No newline at end of file