From d16a21758fe18a99f8070191243216ba0908ae1c Mon Sep 17 00:00:00 2001 From: "flow.gunso" Date: Sat, 4 Jan 2020 10:07:24 +0100 Subject: [PATCH] Move Dockerfile and assets, add labels for MicroBadger --- assets/cron/Dockerfile | 67 ---------------- seafile-client/Dockerfile | 77 +++++++++++++++++++ .../docker-entrypoint.sh | 25 ++++-- seafile-client/import-seafile-apt-key.sh | 27 +++++++ .../seafile-entrypoint.sh | 13 +++- .../seafile-healthcheck.sh | 2 +- 6 files changed, 132 insertions(+), 79 deletions(-) delete mode 100644 assets/cron/Dockerfile create mode 100644 seafile-client/Dockerfile rename {assets/cron => seafile-client}/docker-entrypoint.sh (76%) create mode 100644 seafile-client/import-seafile-apt-key.sh rename {assets/cron => seafile-client}/seafile-entrypoint.sh (75%) rename {assets/cron => seafile-client}/seafile-healthcheck.sh (97%) diff --git a/assets/cron/Dockerfile b/assets/cron/Dockerfile deleted file mode 100644 index a6eb293..0000000 --- a/assets/cron/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -# Docker Seafile client, help you mount a Seafile library as a volume. -# Copyright (C) 2019, flow.gunso@gmail.com -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -FROM debian:buster-slim - -# Prevent the packages installation to halt. -ENV DEBIAN_FRONTEND noninteractive -# Create the seafile client user. -ENV UNAME=seafuser -ENV UID=1000 -ENV GID=1000 -ENV SEAF_SKIP_SSL_CERT=1 - -# Copy over the Docker related files. -COPY utils/build/import-seafile-apt-key.sh / -COPY assets/cron/docker-entrypoint.sh /entrypoint.sh - -# Safely import Seafile APT key, then install both seafile-cli and supervisord. -RUN mkdir -p /etc/apt/sources.list.d/ && \ - apt-get update && \ - apt-get install -y gnupg && \ - echo "deb http://deb.seadrive.org buster main" \ - > /etc/apt/sources.list.d/seafile.list && \ - bash /import-seafile-apt-key.sh && \ - apt-get remove -y gnupg && \ - apt-get autoremove -y && \ - apt-get update && \ - apt-get install \ - -o Dpkg::Options::="--force-confold" \ - -y \ - seafile-cli \ - cron && \ - apt-get clean && \ - apt-get autoclean \ - -o APT::Clean-Installed=true && \ - rm \ - -rf \ - /var/log/fsck/*.log \ - /var/log/apt/*.log \ - /var/cache/debconf/*.dat-old \ - /var/lib/apt/lists/* \ - /import-seafile-apt-key.sh && \ - mkdir /volume/ && \ - echo "seafuser" > /etc/cron.allow && \ - echo "*/20 * * * * /bin/bash /home/seafuser/seafile-healthcheck.sh" \ - > /var/spool/cron/crontabs/seafuser && \ - groupadd -g $GID -o $UNAME && \ - useradd -m -u $UID -g $GID -o -s /bin/bash $UNAME - -# Copy over the required files for Seafile/SupervisorD. -COPY assets/cron/seafile-healthcheck.sh /home/seafuser/seafile-healthcheck.sh -COPY assets/cron/seafile-entrypoint.sh /home/seafuser/entrypoint.sh - -ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] diff --git a/seafile-client/Dockerfile b/seafile-client/Dockerfile new file mode 100644 index 0000000..ca49d49 --- /dev/null +++ b/seafile-client/Dockerfile @@ -0,0 +1,77 @@ +# Docker Seafile client, help you mount a Seafile library as a volume. +# Copyright (C) 2019-2020, flow.gunso@gmail.com +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +FROM debian:buster-slim + +# For MicroBadger. +ARG BUILD_DATE +ARG VCS_REF +ARG VERSION +LABEL org.label-schema.build-date=$BUILD_DATE \ + org.label-schema.name="Seafile Docker client" \ + org.label-schema.description="Sync Seafile librairies within Docker containers." \ + org.label-schema.url=$CI_PROJECT_URL \ + org.label-schema.vcs-ref=$VCS_REF \ + org.label-schema.vcs-url=$CI_PROJECT_URL \ + org.label-schema.vendor="flow.gunso@gmail.com" \ + org.label-schema.version=$VERSION \ + org.label-schema.schema-version="1.0" + +# Prevent the packages installation to halt. +ENV DEBIAN_FRONTEND noninteractive +# Create the Seafile client's user. +ENV UNAME=seafuser +ENV UID=1000 +ENV GID=1000 +# Seafile optional configuration. +ENV SEAF_SKIP_SSL_CERT=1 + +# Safely import Seafile APT key, then install both seafile-cli and supervisord. +COPY import-seafile-apt-key.sh / +RUN apt-get update && apt-get install -y gnupg && \ + mkdir -p /etc/apt/sources.list.d/ && \ + echo "deb http://deb.seadrive.org buster main" > /etc/apt/sources.list.d/seafile.list && \ + bash /import-seafile-apt-key.sh && \ + apt-get purge --yes gnupg && apt-get autoremove --yes && \ + apt-get update && apt-get install \ + --no-install-recommends \ + --yes \ + seafile-cli \ + oathtool \ + cron && \ + apt-get clean && apt-get autoclean && \ + rm -rf \ + /var/log/fsck/*.log \ + /var/log/apt/*.log \ + /var/cache/debconf/*.dat-old \ + /var/lib/apt/lists/* \ + /import-seafile-apt-key.sh && \ + mkdir /volume/ && \ + echo "seafuser" > /etc/cron.allow && \ + echo "*/20 * * * * /bin/bash /home/seafuser/healthcheck.sh" \ + > /var/spool/cron/crontabs/seafuser && \ + groupadd -g $GID -o $UNAME && \ + useradd -m -u $UID -g $GID -o -s /bin/bash $UNAME + +# Copy over the entrypoints, healthchecks and tests. +COPY docker-entrypoint.sh /entrypoint.sh +COPY seafile-healthcheck.sh /home/seafuser/healthcheck.sh +COPY seafile-entrypoint.sh /home/seafuser/entrypoint.sh +COPY tests /tests + +# Set bash as the entrypoint and run the entrypoint script from that. +ENTRYPOINT ["/bin/bash"] +CMD ["/entrypoint.sh"] \ No newline at end of file diff --git a/assets/cron/docker-entrypoint.sh b/seafile-client/docker-entrypoint.sh similarity index 76% rename from assets/cron/docker-entrypoint.sh rename to seafile-client/docker-entrypoint.sh index 7849471..17f0792 100644 --- a/assets/cron/docker-entrypoint.sh +++ b/seafile-client/docker-entrypoint.sh @@ -1,7 +1,7 @@ #!/bin/bash # Docker Seafile client, help you mount a Seafile library as a volume. -# Copyright (C) 2019, flow.gunso@gmail.com +# Copyright (C) 2019-2020, flow.gunso@gmail.com # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -33,18 +33,27 @@ if [ -z $SEAF_LIBRARY_UUID ]; then echo "The \$SEAF_LIBRARY_UUID is not defined. Stopping container..." exit 1 fi -if [ -n "$SEAF_UPLOAD_LIMIT" ] -&& [[ $SEAF_UPLOAD_LIMIT =~ ^[0-9]+$ ]] -&& [ "$SEAF_UPLOAD_LIMIT" -gt 0 ]; then +if [[ -n "$SEAF_UPLOAD_LIMIT" +&& $SEAF_UPLOAD_LIMIT =~ ^[0-9]+$ +&& "$SEAF_UPLOAD_LIMIT" -gt 0 ]]; then echo "The \$SEAF_UPLOAD_LIMIT is not an integer greater than 0. Stopping container..." exit 1 fi -if [ -n "$SEAF_DOWNLOAD_LIMIT" ] -&& [[ $SEAF_DOWNLOAD_LIMIT =~ ^[0-9]+$ ]] -&& [ "$SEAF_DOWNLOAD_LIMIT" -gt 0 ]; then +if [[ -n "$SEAF_DOWNLOAD_LIMIT" +&& $SEAF_DOWNLOAD_LIMIT =~ ^[0-9]+$ +&& "$SEAF_DOWNLOAD_LIMIT" -gt 0 ]]; then echo "The \$SEAF_DOWNLOAD_LIMIT is not an integer greater than 0. Stopping container..." exit 1 fi +if [ -n "$SEAF_2FA_SECRET" ]; then + curl -X POST http://2fa:1880/auth \ + -H "Content-Type: application/json" \ + -d '{"secret":"YWAMNW7YTTB2QDU6ENTJ4LIPUYFUG4SW","key":"docker-seaf-cli","desc":"/"}' + if [ $? -ne 0 ]; then + echo "Could create an 2FA token provider at $SEAF_2FA_PROVIDER. curl error $?" + exit 1 + fi +fi # Update the user ID, if the $UID changed. if [ "$UID" != "1000" ]; then @@ -76,6 +85,8 @@ su - $UNAME << EO export SEAF_SKIP_SSL_CERT=$SEAF_SKIP_SSL_CERT test -n "$SEAF_UPLOAD_LIMIT" && export SEAF_UPLOAD_LIMIT=$SEAF_UPLOAD_LIMIT test -n "$SEAF_DOWNLOAD_LIMIT" && export SEAF_DOWNLOAD_LIMIT=$SEAF_DOWNLOAD_LIMIT + test -n "$SEAF_2FA_SECRET" && export SEAF_2FA_SECRET=$SEAF_2FA_SECRET + test -n "$SEAF_LIBRARY_PASSWORD" && export SEAF_LIBRARY_PASSWORD=$SEAF_LIBRARY_PASSWORD export UNAME=$UNAME /bin/bash /home/seafuser/entrypoint.sh EO diff --git a/seafile-client/import-seafile-apt-key.sh b/seafile-client/import-seafile-apt-key.sh new file mode 100644 index 0000000..3a4db2c --- /dev/null +++ b/seafile-client/import-seafile-apt-key.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# Docker Seafile client, help you mount a Seafile library as a volume. +# Copyright (C) 2019-2020, flow.gunso@gmail.com +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +not_imported=true +while $not_imported; do + apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 8756C4F765C9AC3CB6B85D62379CE192D401AB61 + if [ $? -eq 0 ]; then + not_imported=false + else + sleep 5 + fi +done \ No newline at end of file diff --git a/assets/cron/seafile-entrypoint.sh b/seafile-client/seafile-entrypoint.sh similarity index 75% rename from assets/cron/seafile-entrypoint.sh rename to seafile-client/seafile-entrypoint.sh index dbf22e3..f98208b 100644 --- a/assets/cron/seafile-entrypoint.sh +++ b/seafile-client/seafile-entrypoint.sh @@ -1,7 +1,7 @@ #!/bin/bash # Docker Seafile client, help you mount a Seafile library as a volume. -# Copyright (C) 2019, flow.gunso@gmail.com +# Copyright (C) 2019-2020, flow.gunso@gmail.com # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -35,8 +35,13 @@ while [ ! -S $seafile_sock ]; do sleep 1; done test "$SEAF_SKIP_SSL_CERT" = true && seaf-cli config -k disable_verify_certificate -v true # Set the upload/download limits -test -n "$SEAF_UPLOAD_LIMIT" && seaf-cli config -k upload_limit -v $SEAF_UPLOAD_LIMIT +test -n "$SEAF_PLOAD_LIMIT" && seaf-cli config -k upload_limit -v $SEAF_UPLOAD_LIMIT test -n "$SEAF_DOWNLOAD_LIMIT" && seaf-cli config -k download_limit -v $SEAF_DOWNLOAD_LIMIT -# Start the synchronisation. -/usr/bin/seaf-cli sync -u $SEAF_USERNAME -p $SEAF_PASSWORD -s $SEAF_SERVER_URL -l $SEAF_LIBRARY_UUID -d /volume \ No newline at end of file +# Build the seaf-cli sync command. +cmd="seaf-cli sync -u $SEAF_USERNAME -p $SEAF_PASSWORD -s $SEAF_SERVER_URL -l $SEAF_LIBRARY_UUID" +test $SEAF_2FA_SECRET && cmd+=" -a $(oathlib --base32 --totp $SEAF_2FA_SECRET)" +test $SEAF_LIBRARY_PASSWORD && cmd+=" -e $SEAF_LIBRARY_PASSWORD" + +# Run it. +if ! eval $cmd; then echo "Failed to sync"; exit 1; fi \ No newline at end of file diff --git a/assets/cron/seafile-healthcheck.sh b/seafile-client/seafile-healthcheck.sh similarity index 97% rename from assets/cron/seafile-healthcheck.sh rename to seafile-client/seafile-healthcheck.sh index 663e03b..1bd54e3 100755 --- a/assets/cron/seafile-healthcheck.sh +++ b/seafile-client/seafile-healthcheck.sh @@ -1,7 +1,7 @@ #!/bin/bash # Docker Seafile client, help you mount a Seafile library as a volume. -# Copyright (C) 2019, flow.gunso@gmail.com +# Copyright (C) 2019-2020, flow.gunso@gmail.com # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by