From db4ab1d548ab2d0b0bbe620034a9a48563ebd642 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 3 May 2023 16:01:27 +1000 Subject: [PATCH 1/9] Verbose debugging of s6 scripts --- docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run | 2 ++ docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh | 2 ++ docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh | 2 ++ .../rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh | 2 ++ docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh | 2 ++ docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh | 7 ++++++- docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh | 2 ++ 7 files changed, 18 insertions(+), 1 deletion(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run index e8ffa17c..9fe0831d 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run @@ -2,6 +2,8 @@ # shellcheck shell=bash set -e +# verbose +set -x . /bin/common.sh diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh index c5cf5435..1f290de1 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh @@ -2,6 +2,8 @@ # shellcheck shell=bash set -e +# verbose +set -x log_info 'Configuring npmuser ...' diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh index 2f59ef41..12f6400e 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh @@ -2,6 +2,8 @@ # shellcheck shell=bash set -e +# verbose +set -x log_info 'Checking paths ...' diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 684166e1..41da358b 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -2,6 +2,8 @@ # shellcheck shell=bash set -e +# verbose +set -x log_info 'Setting ownership ...' diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh index 0cb9f126..d13fae7a 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh @@ -2,6 +2,8 @@ # shellcheck shell=bash set -e +# verbose +set -x log_info 'Dynamic resolvers ...' diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh index bc27eb14..3e583bfa 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh @@ -1,8 +1,13 @@ -#!/bin/bash +#!/command/with-contenv bash +# shellcheck shell=bash # This command reads the `DISABLE_IPV6` env var and will either enable # or disable ipv6 in all nginx configs based on this setting. +set -e +# verbose +set -x + log_info 'IPv6 ...' # Lowercase diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh index faa22acc..1a724382 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh @@ -2,6 +2,8 @@ # shellcheck shell=bash set -e +# verbose +set -x # in s6, environmental variables are written as text files for s6 to monitor # search through full-path filenames for files ending in "__FILE" From a1245bc16149fd487e21014b26fd2e28b88cc768 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 4 May 2023 08:27:38 +1000 Subject: [PATCH 2/9] Split up ownership to indentify point of failure --- .../s6-rc.d/prepare/30-ownership.sh | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 41da358b..3c583ab3 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -11,16 +11,16 @@ log_info 'Setting ownership ...' chown root /tmp/nginx # npmuser -chown -R "$PUID:$PGID" /data \ - /etc/letsencrypt \ - /run/nginx \ - /tmp/nginx \ - /var/cache/nginx \ - /var/lib/logrotate \ - /var/lib/nginx \ - /var/log/nginx +chown -R "$PUID:$PGID" /data +chown -R "$PUID:$PGID" /etc/letsencrypt +chown -R "$PUID:$PGID" /run/nginx +chown -R "$PUID:$PGID" /tmp/nginx +chown -R "$PUID:$PGID" /var/cache/nginx +chown -R "$PUID:$PGID" /var/lib/logrotate +chown -R "$PUID:$PGID" /var/lib/nginx +chown -R "$PUID:$PGID" /var/log/nginx # Don't chown entire /etc/nginx folder as this causes crashes on some systems -chown -R "$PUID:$PGID" /etc/nginx/nginx \ - /etc/nginx/nginx.conf \ - /etc/nginx/conf.d +chown -R "$PUID:$PGID" /etc/nginx/nginx +chown -R "$PUID:$PGID" /etc/nginx/nginx.conf +chown -R "$PUID:$PGID" /etc/nginx/conf.d From c432c34fb3117da32c04acd1ca7826e9d63e6c85 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 4 May 2023 10:03:06 +1000 Subject: [PATCH 3/9] Small refactor of user/groups and add checks during startup. Only use -x in bash scripts when DEBUG=true set in env vars --- docker/rootfs/bin/common.sh | 12 ++++++ docker/rootfs/etc/nginx/nginx.conf | 2 +- .../rootfs/etc/s6-overlay/s6-rc.d/backend/run | 6 +-- .../etc/s6-overlay/s6-rc.d/frontend/run | 6 +-- .../rootfs/etc/s6-overlay/s6-rc.d/nginx/run | 2 +- .../etc/s6-overlay/s6-rc.d/prepare/00-all.sh | 6 ++- .../s6-overlay/s6-rc.d/prepare/10-npmuser.sh | 22 ---------- .../s6-rc.d/prepare/10-usergroup.sh | 40 +++++++++++++++++++ .../s6-overlay/s6-rc.d/prepare/20-paths.sh | 2 - .../s6-rc.d/prepare/30-ownership.sh | 4 +- .../s6-overlay/s6-rc.d/prepare/40-dynamic.sh | 2 - .../etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh | 4 +- .../s6-overlay/s6-rc.d/prepare/60-secrets.sh | 2 - .../s6-overlay/s6-rc.d/prepare/90-banner.sh | 5 ++- 14 files changed, 70 insertions(+), 45 deletions(-) delete mode 100755 docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh create mode 100755 docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-usergroup.sh diff --git a/docker/rootfs/bin/common.sh b/docker/rootfs/bin/common.sh index 0bc6468d..913dd3e1 100644 --- a/docker/rootfs/bin/common.sh +++ b/docker/rootfs/bin/common.sh @@ -12,6 +12,11 @@ export CYAN BLUE YELLOW RED RESET PUID=${PUID:-0} PGID=${PGID:-0} +NPMUSER=npm +NPMGROUP=npm +NPMHOME=/tmp/npmuserhome +export NPMUSER NPMGROUP NPMHOME + if [[ "$PUID" -ne '0' ]] && [ "$PGID" = '0' ]; then # set group id to same as user id, # the user probably forgot to specify the group id and @@ -40,3 +45,10 @@ log_fatal () { /run/s6/basedir/bin/halt exit 1 } + +# param $1: group_name +get_group_id () { + if [ "${1:-}" != '' ]; then + getent group "$1" | cut -d: -f3 + fi +} diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index c2ee97cc..82618337 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -1,7 +1,7 @@ # run nginx in foreground daemon off; pid /run/nginx/nginx.pid; -user npmuser; +user npm; # Set number of worker processes automatically based on number of CPU cores. worker_processes auto; diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run index 9fe0831d..f3209de7 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run @@ -12,12 +12,12 @@ cd /app || exit 1 log_info 'Starting backend ...' if [ "${DEVELOPMENT:-}" = 'true' ]; then - s6-setuidgid npmuser yarn install - exec s6-setuidgid npmuser bash -c 'export HOME=/tmp/npmuserhome;node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js' + s6-setuidgid "$PUID:$PGID" yarn install + exec s6-setuidgid "$PUID:$PGID" bash -c "export HOME=$NPMHOME;node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js" else while : do - s6-setuidgid npmuser bash -c 'export HOME=/tmp/npmuserhome;node --abort_on_uncaught_exception --max_old_space_size=250 index.js' + s6-setuidgid "$PUID:$PGID" bash -c "export HOME=$NPMHOME;node --abort_on_uncaught_exception --max_old_space_size=250 index.js" sleep 1 done fi diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run index 1181c53e..e62f749c 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run @@ -8,14 +8,14 @@ set -e if [ "$DEVELOPMENT" = 'true' ]; then . /bin/common.sh cd /app/frontend || exit 1 - HOME=/tmp/npmuserhome + HOME=$NPMHOME export HOME mkdir -p /app/frontend/dist chown -R "$PUID:$PGID" /app/frontend/dist log_info 'Starting frontend ...' - s6-setuidgid npmuser yarn install - exec s6-setuidgid npmuser yarn watch + s6-setuidgid "$PUID:$PGID" yarn install + exec s6-setuidgid "$PUID:$PGID" yarn watch else exit 0 fi diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run index fa8c1fc5..b1bed7a4 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run @@ -6,4 +6,4 @@ set -e . /bin/common.sh log_info 'Starting nginx ...' -exec s6-setuidgid npmuser nginx +exec s6-setuidgid "$PUID:$PGID" nginx diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh index 1d5899e4..82fbefb1 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/00-all.sh @@ -9,7 +9,11 @@ if [ "$(id -u)" != "0" ]; then log_fatal "This docker container must be run as root, do not specify a user.\nYou can specify PUID and PGID env vars to run processes as that user and group after initialization." fi -. /etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh +if [ "$DEBUG" = "true" ]; then + set -x +fi + +. /etc/s6-overlay/s6-rc.d/prepare/10-usergroup.sh . /etc/s6-overlay/s6-rc.d/prepare/20-paths.sh . /etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh . /etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh deleted file mode 100755 index 1f290de1..00000000 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-npmuser.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/command/with-contenv bash -# shellcheck shell=bash - -set -e -# verbose -set -x - -log_info 'Configuring npmuser ...' - -if id -u npmuser; then - # user already exists - usermod -u "$PUID" npmuser || exit 1 -else - # Add npmuser user - useradd -o -u "$PUID" -U -d /tmp/npmuserhome -s /bin/false npmuser || exit 1 -fi - -usermod -G "$PGID" npmuser || exit 1 -groupmod -o -g "$PGID" npmuser || exit 1 -# Home for npmuser -mkdir -p /tmp/npmuserhome -chown -R "$PUID:$PGID" /tmp/npmuserhome diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-usergroup.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-usergroup.sh new file mode 100755 index 00000000..ea100193 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/10-usergroup.sh @@ -0,0 +1,40 @@ +#!/command/with-contenv bash +# shellcheck shell=bash + +set -e + +log_info "Configuring $NPMUSER user ..." + +if id -u "$NPMUSER" 2>/dev/null; then + # user already exists + usermod -u "$PUID" "$NPMUSER" +else + # Add user + useradd -o -u "$PUID" -U -d "$NPMHOME" -s /bin/false "$NPMUSER" +fi + +log_info "Configuring $NPMGROUP group ..." +if [ "$(get_group_id "$NPMGROUP")" = '' ]; then + # Add group. This will not set the id properly if it's already taken + groupadd -f -g "$PGID" "$NPMGROUP" +else + groupmod -o -g "$PGID" "$NPMGROUP" +fi + +# Set the group ID and check it +groupmod -o -g "$PGID" "$NPMGROUP" +if [ "$(get_group_id "$NPMGROUP")" != "$PGID" ]; then + echo "ERROR: Unable to set group id properly" + exit 1 +fi + +# Set the group against the user and check it +usermod -G "$PGID" "$NPMGROUP" +if [ "$(id -g "$NPMUSER")" != "$PGID" ] ; then + echo "ERROR: Unable to set group against the user properly" + exit 1 +fi + +# Home for user +mkdir -p "$NPMHOME" +chown -R "$PUID:$PGID" "$NPMHOME" diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh index 12f6400e..2f59ef41 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/20-paths.sh @@ -2,8 +2,6 @@ # shellcheck shell=bash set -e -# verbose -set -x log_info 'Checking paths ...' diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh index 3c583ab3..817c2c8e 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/30-ownership.sh @@ -2,15 +2,13 @@ # shellcheck shell=bash set -e -# verbose -set -x log_info 'Setting ownership ...' # root chown root /tmp/nginx -# npmuser +# npm user and group chown -R "$PUID:$PGID" /data chown -R "$PUID:$PGID" /etc/letsencrypt chown -R "$PUID:$PGID" /run/nginx diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh index d13fae7a..0cb9f126 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/40-dynamic.sh @@ -2,8 +2,6 @@ # shellcheck shell=bash set -e -# verbose -set -x log_info 'Dynamic resolvers ...' diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh index 3e583bfa..76e9a651 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/50-ipv6.sh @@ -5,8 +5,6 @@ # or disable ipv6 in all nginx configs based on this setting. set -e -# verbose -set -x log_info 'IPv6 ...' @@ -33,7 +31,7 @@ process_folder () { sed -E -i "$SED_REGEX" "$FILE" done - # ensure the files are still owned by the npmuser + # ensure the files are still owned by the npm user chown -R "$PUID:$PGID" "$1" } diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh index 1a724382..faa22acc 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/60-secrets.sh @@ -2,8 +2,6 @@ # shellcheck shell=bash set -e -# verbose -set -x # in s6, environmental variables are written as text files for s6 to monitor # search through full-path filenames for files ending in "__FILE" diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/90-banner.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/90-banner.sh index 7991ddf4..48ba6392 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/90-banner.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/90-banner.sh @@ -2,6 +2,7 @@ # shellcheck shell=bash set -e +set +x echo " ------------------------------------- @@ -11,7 +12,7 @@ echo " | |\ | __/| | | | |_| \_|_| |_| |_| ------------------------------------- -User ID: $PUID -Group ID: $PGID +User: $NPMUSER PUID:$PUID ID:$(id -u "$NPMUSER") GROUP:$(id -g "$NPMUSER") +Group: $NPMGROUP PGID:$PGID ID:$(get_group_id "$NPMGROUP") ------------------------------------- " From c3735fdbbb0e9ccc8f8a64c3a1ed76efb5472157 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Thu, 4 May 2023 12:30:27 +1000 Subject: [PATCH 4/9] Missed a file that was explicit verbose --- docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run index f3209de7..19746169 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run @@ -2,8 +2,6 @@ # shellcheck shell=bash set -e -# verbose -set -x . /bin/common.sh From 4f41fe0c953176dd0ce00b222389e85d5ca4d6c9 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Fri, 5 May 2023 08:46:54 +1000 Subject: [PATCH 5/9] Update s6-overlay --- docker/scripts/install-s6 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/scripts/install-s6 b/docker/scripts/install-s6 index 5a5a9c9c..8a236d51 100755 --- a/docker/scripts/install-s6 +++ b/docker/scripts/install-s6 @@ -8,7 +8,7 @@ BLUE='\E[1;34m' GREEN='\E[1;32m' RESET='\E[0m' -S6_OVERLAY_VERSION=3.1.4.1 +S6_OVERLAY_VERSION=3.1.4.2 TARGETPLATFORM=${1:unspecified} # Determine the correct binary file for the architecture given From ecf02902032e4bde9bd67b4db7327ec93ca0c152 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 9 May 2023 08:15:44 +1000 Subject: [PATCH 6/9] Update s6-overlay --- docker/scripts/install-s6 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/scripts/install-s6 b/docker/scripts/install-s6 index 8a236d51..0681aed9 100755 --- a/docker/scripts/install-s6 +++ b/docker/scripts/install-s6 @@ -8,7 +8,7 @@ BLUE='\E[1;34m' GREEN='\E[1;32m' RESET='\E[0m' -S6_OVERLAY_VERSION=3.1.4.2 +S6_OVERLAY_VERSION=3.1.5.0 TARGETPLATFORM=${1:unspecified} # Determine the correct binary file for the architecture given From c3f019c911f21a4fd446b377c7a7f4c45d092a60 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Tue, 9 May 2023 08:19:09 +1000 Subject: [PATCH 7/9] Test ipv6 disabled in ci --- docker/docker-compose.ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/docker-compose.ci.yml b/docker/docker-compose.ci.yml index 9f4edc00..209d2d0e 100644 --- a/docker/docker-compose.ci.yml +++ b/docker/docker-compose.ci.yml @@ -35,6 +35,7 @@ services: DB_SQLITE_FILE: '/data/mydb.sqlite' PUID: 1000 PGID: 1000 + DISABLE_IPV6: 'true' volumes: - npm_data:/data expose: From 4b6f9d9419b004a1f5734eea4b96231870623fa8 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 10 May 2023 09:57:24 +1000 Subject: [PATCH 8/9] Remove s6 service timeout --- docker/Dockerfile | 6 +++++- docker/dev/Dockerfile | 10 +++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 564f838a..b1cd31a2 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -10,9 +10,13 @@ ARG BUILD_VERSION ARG BUILD_COMMIT ARG BUILD_DATE +# See: https://github.com/just-containers/s6-overlay/blob/master/README.md ENV SUPPRESS_NO_CONFIG_WARNING=1 \ - S6_FIX_ATTRS_HIDDEN=1 \ S6_BEHAVIOUR_IF_STAGE2_FAILS=1 \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ + S6_FIX_ATTRS_HIDDEN=1 \ + S6_KILL_FINISH_MAXTIME=10000 \ + S6_VERBOSITY=1 \ NODE_ENV=production \ NPM_BUILD_VERSION="${BUILD_VERSION}" \ NPM_BUILD_COMMIT="${BUILD_COMMIT}" \ diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index 833f1003..749ac343 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -1,9 +1,13 @@ FROM jc21/nginx-full:certbot-node LABEL maintainer="Jamie Curnow " -ENV S6_LOGGING=0 \ - SUPPRESS_NO_CONFIG_WARNING=1 \ - S6_FIX_ATTRS_HIDDEN=1 +# See: https://github.com/just-containers/s6-overlay/blob/master/README.md +ENV SUPPRESS_NO_CONFIG_WARNING=1 \ + S6_BEHAVIOUR_IF_STAGE2_FAILS=1 \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ + S6_FIX_ATTRS_HIDDEN=1 \ + S6_KILL_FINISH_MAXTIME=10000 \ + S6_VERBOSITY=2 RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ && apt-get update \ From 0127dc7f03b98ce5d53d3c1b56ce36a564491aca Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 10 May 2023 11:32:22 +1000 Subject: [PATCH 9/9] Bump version --- .version | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index c6436a85..5f4f65c8 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.10.2 +2.10.3 diff --git a/README.md b/README.md index eefa11eb..95d6551a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@



- +