diff --git a/docker/Dockerfile b/docker/Dockerfile index ac6c9804..15569833 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -25,7 +25,7 @@ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ && rm -rf /var/lib/apt/lists/* # s6 overlay -COPY scripts/install-s6 /tmp/install-s6 +COPY docker/scripts/install-s6 /tmp/install-s6 RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6 EXPOSE 80 81 443 diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index 8d28eb70..833f1003 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -7,7 +7,7 @@ ENV S6_LOGGING=0 \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ && apt-get update \ - && apt-get install -y certbot jq python3-pip logrotate \ + && apt-get install -y jq python3-pip logrotate \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* @@ -21,9 +21,8 @@ RUN rm -f /etc/nginx/conf.d/production.conf RUN chmod 644 /etc/logrotate.d/nginx-proxy-manager # s6 overlay -RUN curl -L -o /tmp/s6-overlay-amd64.tar.gz "https://github.com/just-containers/s6-overlay/releases/download/v1.22.1.0/s6-overlay-amd64.tar.gz" \ - && tar -xzf /tmp/s6-overlay-amd64.tar.gz -C / +COPY scripts/install-s6 /tmp/install-s6 +RUN /tmp/install-s6 "${TARGETPLATFORM}" && rm -f /tmp/install-s6 EXPOSE 80 81 443 ENTRYPOINT [ "/init" ] - diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/dependencies.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/dependencies.d/prepare new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/services.d/manager/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run similarity index 79% rename from docker/rootfs/etc/services.d/manager/run rename to docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run index e365f4fb..15b55d40 100755 --- a/docker/rootfs/etc/services.d/manager/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/run @@ -1,9 +1,9 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash +# shellcheck shell=bash -mkdir -p /data/letsencrypt-acme-challenge - -cd /app || echo +set -e +echo "❯ Starting backend ..." if [ "$DEVELOPMENT" == "true" ]; then cd /app || exit 1 # If yarn install fails: add --verbose --network-concurrency 1 diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/type new file mode 100644 index 00000000..5883cff0 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/backend/type @@ -0,0 +1 @@ +longrun diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/dependencies.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/dependencies.d/prepare new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/services.d/frontend/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run similarity index 77% rename from docker/rootfs/etc/services.d/frontend/run rename to docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run index a666d53e..ff320a4c 100755 --- a/docker/rootfs/etc/services.d/frontend/run +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/run @@ -1,4 +1,7 @@ -#!/usr/bin/with-contenv bash +#!/command/with-contenv bash +# shellcheck shell=bash + +set -e # This service is DEVELOPMENT only. diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/type new file mode 100644 index 00000000..5883cff0 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/frontend/type @@ -0,0 +1 @@ +longrun diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/dependencies.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/dependencies.d/prepare new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run new file mode 100755 index 00000000..70ca0cb7 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/run @@ -0,0 +1,7 @@ +#!/command/with-contenv bash +# shellcheck shell=bash + +set -e + +echo "❯ Starting nginx ..." +exec nginx diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/type new file mode 100644 index 00000000..5883cff0 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/nginx/type @@ -0,0 +1 @@ +longrun diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/dependencies.d/base b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/dependencies.d/base new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh new file mode 100755 index 00000000..4b506ca9 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/script.sh @@ -0,0 +1,63 @@ +#!/command/with-contenv bash +# shellcheck shell=bash + +set -e + +DATA_PATH=/data + +# Ensure /data is mounted +if [ ! -d "$DATA_PATH" ]; then + echo '--------------------------------------' + echo "ERROR: $DATA_PATH is not mounted! Check your docker configuration." + echo '--------------------------------------' + /run/s6/basedir/bin/halt + exit 1 +fi + +echo "❯ Checking folder structure ..." + +# Create required folders +mkdir -p /tmp/nginx/body \ + /run/nginx \ + /var/log/nginx \ + /data/nginx \ + /data/custom_ssl \ + /data/logs \ + /data/access \ + /data/nginx/default_host \ + /data/nginx/default_www \ + /data/nginx/proxy_host \ + /data/nginx/redirection_host \ + /data/nginx/stream \ + /data/nginx/dead_host \ + /data/nginx/temp \ + /var/lib/nginx/cache/public \ + /var/lib/nginx/cache/private \ + /var/cache/nginx/proxy_temp \ + /data/letsencrypt-acme-challenge + +touch /var/log/nginx/error.log && chmod 777 /var/log/nginx/error.log && chmod -R 777 /var/cache/nginx +chown root /tmp/nginx + +# Dynamically generate resolvers file, if resolver is IPv6, enclose in `[]` +# thanks @tfmm +if [ "$DISABLE_IPV6" == "true" ] || [ "$DISABLE_IPV6" == "on" ] || [ "$DISABLE_IPV6" == "1" ] || [ "$DISABLE_IPV6" == "yes" ]; +then + echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf +else + echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf +fi + +# Handle IPV6 settings +/bin/handle-ipv6-setting /etc/nginx/conf.d +/bin/handle-ipv6-setting /data/nginx + +echo +echo "------------------------------------- + _ _ ____ __ __ +| \ | | _ \| \/ | +| \| | |_) | |\/| | +| |\ | __/| | | | +|_| \_|_| |_| |_| +------------------------------------- +" diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/type b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/type new file mode 100644 index 00000000..bdd22a18 --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/type @@ -0,0 +1 @@ +oneshot diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/up b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/up new file mode 100644 index 00000000..b58eed6b --- /dev/null +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/prepare/up @@ -0,0 +1,2 @@ +# shellcheck shell=bash +/etc/s6-overlay/s6-rc.d/prepare/script.sh diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/backend b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/backend new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/frontend b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/frontend new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/nginx b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/nginx new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/prepare b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/prepare new file mode 100644 index 00000000..e69de29b diff --git a/docker/rootfs/etc/services.d/frontend/finish b/docker/rootfs/etc/services.d/frontend/finish deleted file mode 100755 index bca9a35d..00000000 --- a/docker/rootfs/etc/services.d/frontend/finish +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/execlineb -S1 -if { s6-test ${1} -ne 0 } -if { s6-test ${1} -ne 256 } - -s6-svscanctl -t /var/run/s6/services - diff --git a/docker/rootfs/etc/services.d/manager/finish b/docker/rootfs/etc/services.d/manager/finish deleted file mode 100755 index 7d442d6a..00000000 --- a/docker/rootfs/etc/services.d/manager/finish +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/with-contenv bash - -s6-svscanctl -t /var/run/s6/services diff --git a/docker/rootfs/etc/services.d/nginx/finish b/docker/rootfs/etc/services.d/nginx/finish deleted file mode 120000 index 63b10de4..00000000 --- a/docker/rootfs/etc/services.d/nginx/finish +++ /dev/null @@ -1 +0,0 @@ -/bin/true \ No newline at end of file diff --git a/docker/rootfs/etc/services.d/nginx/run b/docker/rootfs/etc/services.d/nginx/run deleted file mode 100755 index ae1c1b84..00000000 --- a/docker/rootfs/etc/services.d/nginx/run +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/with-contenv bash - -# Create required folders -mkdir -p /tmp/nginx/body \ - /run/nginx \ - /var/log/nginx \ - /data/nginx \ - /data/custom_ssl \ - /data/logs \ - /data/access \ - /data/nginx/default_host \ - /data/nginx/default_www \ - /data/nginx/proxy_host \ - /data/nginx/redirection_host \ - /data/nginx/stream \ - /data/nginx/dead_host \ - /data/nginx/temp \ - /var/lib/nginx/cache/public \ - /var/lib/nginx/cache/private \ - /var/cache/nginx/proxy_temp - -touch /var/log/nginx/error.log && chmod 777 /var/log/nginx/error.log && chmod -R 777 /var/cache/nginx -chown root /tmp/nginx - -# Dynamically generate resolvers file, if resolver is IPv6, enclose in `[]` -# thanks @tfmm -if [ "$DISABLE_IPV6" == "true" ] || [ "$DISABLE_IPV6" == "on" ] || [ "$DISABLE_IPV6" == "1" ] || [ "$DISABLE_IPV6" == "yes" ]; -then - echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf -else - echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf -fi - -# Handle IPV6 settings -/bin/handle-ipv6-setting /etc/nginx/conf.d -/bin/handle-ipv6-setting /data/nginx - -exec nginx diff --git a/scripts/install-s6 b/docker/scripts/install-s6 similarity index 56% rename from scripts/install-s6 rename to docker/scripts/install-s6 index 8bb85e42..5a5a9c9c 100755 --- a/scripts/install-s6 +++ b/docker/scripts/install-s6 @@ -8,8 +8,8 @@ BLUE='\E[1;34m' GREEN='\E[1;32m' RESET='\E[0m' -S6_OVERLAY_VERSION=1.22.1.0 -TARGETPLATFORM=$1 +S6_OVERLAY_VERSION=3.1.4.1 +TARGETPLATFORM=${1:unspecified} # Determine the correct binary file for the architecture given case $TARGETPLATFORM in @@ -22,13 +22,17 @@ case $TARGETPLATFORM in ;; *) - S6_ARCH=amd64 + S6_ARCH=x86_64 ;; esac echo -e "${BLUE}❯ ${CYAN}Installing S6-overlay v${S6_OVERLAY_VERSION} for ${YELLOW}${TARGETPLATFORM} (${S6_ARCH})${RESET}" -curl -L -o "/tmp/s6-overlay-${S6_ARCH}.tar.gz" "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.gz" \ - && tar -xzf "/tmp/s6-overlay-${S6_ARCH}.tar.gz" -C / +curl -L -o '/tmp/s6-overlay-noarch.tar.xz' "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" +curl -L -o "/tmp/s6-overlay-${S6_ARCH}.tar.xz" "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" +tar -C / -Jxpf '/tmp/s6-overlay-noarch.tar.xz' +tar -C / -Jxpf "/tmp/s6-overlay-${S6_ARCH}.tar.xz" + +rm -rf "/tmp/s6-overlay-${S6_ARCH}.tar.xz" echo -e "${BLUE}❯ ${GREEN}S6-overlay install Complete${RESET}"