From 82d94520012a50be6b40c5c0e7a4f2a7cd5e2ec8 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Sat, 18 Mar 2023 17:45:04 +1000 Subject: [PATCH 1/2] Move some older s6-overlay over to new format, fixes #2705 --- docker/rootfs/etc/cont-finish.d/.gitignore | 2 -- docker/rootfs/etc/cont-init.d/.gitignore | 3 -- docker/rootfs/etc/cont-init.d/01_perms.sh | 7 ----- .../etc/cont-init.d/01_s6-secret-init.sh | 29 ------------------ docker/rootfs/etc/fix-attrs.d/.gitignore | 2 -- .../etc/s6-overlay/s6-rc.d/prepare/script.sh | 30 +++++++++++++++++++ 6 files changed, 30 insertions(+), 43 deletions(-) delete mode 100644 docker/rootfs/etc/cont-finish.d/.gitignore delete mode 100644 docker/rootfs/etc/cont-init.d/.gitignore delete mode 100755 docker/rootfs/etc/cont-init.d/01_perms.sh delete mode 100644 docker/rootfs/etc/cont-init.d/01_s6-secret-init.sh delete mode 100644 docker/rootfs/etc/fix-attrs.d/.gitignore diff --git a/docker/rootfs/etc/cont-finish.d/.gitignore b/docker/rootfs/etc/cont-finish.d/.gitignore deleted file mode 100644 index d6b7ef3..0000000 --- a/docker/rootfs/etc/cont-finish.d/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -* -!.gitignore diff --git a/docker/rootfs/etc/cont-init.d/.gitignore b/docker/rootfs/etc/cont-init.d/.gitignore deleted file mode 100644 index f04f0f6..0000000 --- a/docker/rootfs/etc/cont-init.d/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -* -!.gitignore -!*.sh diff --git a/docker/rootfs/etc/cont-init.d/01_perms.sh b/docker/rootfs/etc/cont-init.d/01_perms.sh deleted file mode 100755 index e7875d3..0000000 --- a/docker/rootfs/etc/cont-init.d/01_perms.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/with-contenv bash -set -e - -mkdir -p /data/logs -echo "Changing ownership of /data/logs to $(id -u):$(id -g)" -chown -R "$(id -u):$(id -g)" /data/logs - diff --git a/docker/rootfs/etc/cont-init.d/01_s6-secret-init.sh b/docker/rootfs/etc/cont-init.d/01_s6-secret-init.sh deleted file mode 100644 index 7a2e2d0..0000000 --- a/docker/rootfs/etc/cont-init.d/01_s6-secret-init.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/with-contenv bash -# ref: https://github.com/linuxserver/docker-baseimage-alpine/blob/master/root/etc/cont-init.d/01-envfile - -# in s6, environmental variables are written as text files for s6 to monitor -# search through full-path filenames for files ending in "__FILE" -for FILENAME in $(find /var/run/s6/container_environment/ | grep "__FILE$"); do - echo "[secret-init] Evaluating ${FILENAME##*/} ..." - - # set SECRETFILE to the contents of the full-path textfile - SECRETFILE=$(cat ${FILENAME}) - # SECRETFILE=${FILENAME} - # echo "[secret-init] Set SECRETFILE to ${SECRETFILE}" # DEBUG - rm for prod! - - # if SECRETFILE exists / is not null - if [[ -f ${SECRETFILE} ]]; then - # strip the appended "__FILE" from environmental variable name ... - STRIPFILE=$(echo ${FILENAME} | sed "s/__FILE//g") - # echo "[secret-init] Set STRIPFILE to ${STRIPFILE}" # DEBUG - rm for prod! - - # ... and set value to contents of secretfile - # since s6 uses text files, this is effectively "export ..." - printf $(cat ${SECRETFILE}) > ${STRIPFILE} - # echo "[secret-init] Set ${STRIPFILE##*/} to $(cat ${STRIPFILE})" # DEBUG - rm for prod!" - echo "[secret-init] Success! ${STRIPFILE##*/} set from ${FILENAME##*/}" - - else - echo "[secret-init] cannot find secret in ${FILENAME}" - fi -done diff --git a/docker/rootfs/etc/fix-attrs.d/.gitignore b/docker/rootfs/etc/fix-attrs.d/.gitignore deleted file mode 100644 index d6b7ef3..0000000 --- a/docker/rootfs/etc/fix-attrs.d/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -* -!.gitignore diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh index 4b506ca..5723ea7 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh @@ -48,10 +48,40 @@ else echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf fi +echo "Changing ownership of /data/logs to $(id -u):$(id -g)" +chown -R "$(id -u):$(id -g)" /data/logs + # Handle IPV6 settings /bin/handle-ipv6-setting /etc/nginx/conf.d /bin/handle-ipv6-setting /data/nginx +# ref: https://github.com/linuxserver/docker-baseimage-alpine/blob/master/root/etc/cont-init.d/01-envfile + +# in s6, environmental variables are written as text files for s6 to monitor +# search through full-path filenames for files ending in "__FILE" +echo "❯ Secrets-init ..." +for FILENAME in $(find /var/run/s6/container_environment/ | grep "__FILE$"); do + echo "[secret-init] Evaluating ${FILENAME##*/} ..." + + # set SECRETFILE to the contents of the full-path textfile + SECRETFILE=$(cat "${FILENAME}") + # if SECRETFILE exists / is not null + if [[ -f "${SECRETFILE}" ]]; then + # strip the appended "__FILE" from environmental variable name ... + STRIPFILE=$(echo "${FILENAME}" | sed "s/__FILE//g") + # echo "[secret-init] Set STRIPFILE to ${STRIPFILE}" # DEBUG - rm for prod! + + # ... and set value to contents of secretfile + # since s6 uses text files, this is effectively "export ..." + printf $(cat "${SECRETFILE}") > "${STRIPFILE}" + # echo "[secret-init] Set ${STRIPFILE##*/} to $(cat ${STRIPFILE})" # DEBUG - rm for prod!" + echo "[secret-init] Success! ${STRIPFILE##*/} set from ${FILENAME##*/}" + + else + echo "[secret-init] cannot find secret in ${FILENAME}" + fi +done + echo echo "------------------------------------- _ _ ____ __ __ From 11a29a8b6721c20468fc9d07f13b89eb3322f028 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 24 Mar 2023 08:15:27 +1000 Subject: [PATCH 2/2] Bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index cfd472b..93d20b2 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.9.21 +2.9.22 diff --git a/README.md b/README.md index 8039364..0d80be3 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- +