mirror of
https://gitlab.ub.uni-bielefeld.de/sfb1288inf/nopaque.git
synced 2024-11-14 16:55:42 +00:00
Update .env.tpl
This commit is contained in:
Patrick Jentsch
parent
e51dcafa6f
commit
13e4d461c7
22
.env.tpl
22
.env.tpl
@ -1,32 +1,20 @@
|
||||
##############################################################################
|
||||
# Variables for use in Docker Compose YAML files #
|
||||
# Environment variables used by Docker Compose config files. #
|
||||
##############################################################################
|
||||
# HINT: Use this bash command `id -u`
|
||||
# NOTE: 0 (= root user) is not allowed
|
||||
HOST_UID=
|
||||
|
||||
# HINT: Use this bash command `id -g`
|
||||
# NOTE: 0 (= root group) is not allowed
|
||||
HOST_GID=
|
||||
|
||||
# HINT: Use this bash command `getent group docker | cut -d: -f3`
|
||||
HOST_DOCKER_GID=
|
||||
|
||||
# DEFAULT: nopaque
|
||||
# DOCKER_DEFAULT_NETWORK_NAME=
|
||||
|
||||
# DEFAULT: ./volumes/db/data
|
||||
# NOTE: Use `.` as <project-basedir>
|
||||
# DOCKER_DB_SERVICE_DATA_VOLUME_SOURCE_PATH=
|
||||
|
||||
# DEFAULT: ./volumes/mq/data
|
||||
# NOTE: Use `.` as <project-basedir>
|
||||
# DOCKER_MQ_SERVICE_DATA_VOLUME_SOURCE_PATH=
|
||||
NOPAQUE_DOCKER_NETWORK_NAME=nopaque
|
||||
|
||||
# NOTE: This must be a network share and it must be available on all
|
||||
# Docker Swarm nodes, mounted to the same path with the same
|
||||
# user and group ownership.
|
||||
DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH=
|
||||
|
||||
# DEFAULT: ./volumes/nopaque/logs
|
||||
# NOTE: Use `.` as <project-basedir>
|
||||
# DOCKER_NOPAQUE_SERVICE_LOGS_VOLUME_SOURCE_PATH=.
|
||||
# Docker Swarm nodes, mounted to the same path.
|
||||
HOST_NOPAQUE_DATA_PATH=/mnt/nopaque
|
||||
|
||||
@ -1,62 +1,56 @@
|
||||
# The docker-compose.yml file is not meant to be modified itself.
|
||||
# Instead use the following files for configurations:
|
||||
# - .env: Environment variables for the docker-compose.yml file.
|
||||
# - db.env: Environment variables for the database service.
|
||||
# - nopaque.env: Environment variables for the nopaque service.
|
||||
# - docker-compose.override.yml: Override the docker-compose.yml file.
|
||||
# - Don't change too much here, it's meant for configurations like exposing
|
||||
# ports for development or adding labels for e.g. traefik.
|
||||
# This file is not meant to be modified, use the following files instead:
|
||||
# - `.env`: Environment variables available within Docker Compose config files.
|
||||
# - `db.env`: Environment variables for the database service.
|
||||
# - `nopaque.env`: Environment variables for the nopaque service.
|
||||
# - `docker-compose.override.yml`: Override the docker-compose.yml file.
|
||||
# - The `docker-compose` directory includes examples for this.
|
||||
|
||||
networks:
|
||||
default:
|
||||
name: "${DOCKER_DEFAULT_NETWORK_NAME:-nopaque}"
|
||||
nopaque:
|
||||
attachable: true
|
||||
driver: "overlay"
|
||||
name: "${NOPAQUE_DOCKER_NETWORK_NAME}"
|
||||
|
||||
services:
|
||||
db:
|
||||
env_file: db.env
|
||||
image: postgres:11
|
||||
restart: unless-stopped
|
||||
env_file: "db.env"
|
||||
image: "postgres:11"
|
||||
networks:
|
||||
- "nopaque"
|
||||
restart: "unless-stopped"
|
||||
volumes:
|
||||
- type: bind
|
||||
source: "${DOCKER_DB_SERVICE_DATA_VOLUME_SOURCE_PATH:-./volumes/db/data}"
|
||||
target: "/var/lib/postgresql/data"
|
||||
- "./volumes/db/data:/var/lib/postgresql/data"
|
||||
|
||||
mq:
|
||||
image: redis:6
|
||||
restart: unless-stopped
|
||||
image: "redis:6"
|
||||
networks:
|
||||
- "nopaque"
|
||||
restart: "unless-stopped"
|
||||
volumes:
|
||||
- type: bind
|
||||
source: "${DOCKER_MQ_SERVICE_DATA_VOLUME_SOURCE_PATH:-./volumes/mq/data}"
|
||||
target: "/data"
|
||||
- "./volumes/mq/data:/data"
|
||||
|
||||
nopaque:
|
||||
build: .
|
||||
depends_on:
|
||||
- db
|
||||
- mq
|
||||
- "db"
|
||||
- "mq"
|
||||
env_file:
|
||||
- nopaque.env
|
||||
- "nopaque.env"
|
||||
environment:
|
||||
# This section overrides the values set in the nopaque.env file. Do not
|
||||
# override the environment variables in a docker-compose.override.yml
|
||||
# file unless you really know what you are doing.
|
||||
- NOPAQUE_UID=${HOST_UID}
|
||||
- NOPAQUE_GID=${HOST_GID}
|
||||
- DOCKER_GID=${HOST_DOCKER_GID}
|
||||
- NOPAQUE_DATA_PATH=${DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH}
|
||||
- NOPAQUE_DOCKER_NETWORK_NAME=${DOCKER_DEFAULT_NETWORK_NAME:-nopaque}
|
||||
- NOPAQUE_LOGS_PATH=/home/nopaque/logs
|
||||
image: nopaque:latest
|
||||
restart: unless-stopped
|
||||
# DANGER: Don't change the following environment variables within a
|
||||
# Docker Compose config file, use the `.env` file instead.
|
||||
HOST_UID: "${HOST_UID}"
|
||||
HOST_GID: "${HOST_GID}"
|
||||
HOST_DOCKER_GID: "${HOST_DOCKER_GID}"
|
||||
NOPAQUE_DATA_PATH: "${HOST_NOPAQUE_DATA_PATH}"
|
||||
NOPAQUE_DOCKER_NETWORK_NAME: "${NOPAQUE_DOCKER_NETWORK_NAME}"
|
||||
image: "nopaque:latest"
|
||||
networks:
|
||||
- "nopaque"
|
||||
restart: "unless-stopped"
|
||||
volumes:
|
||||
- type: bind
|
||||
source: "/var/run/docker.sock"
|
||||
target: "/var/run/docker.sock"
|
||||
# TODO: Make this less quirky. The target path should be variable.
|
||||
# In order to achieve this, a cifs volume needs to be configured.
|
||||
- type: bind
|
||||
source: "${DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH}"
|
||||
target: "${DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH}"
|
||||
- type: bind
|
||||
source: "${DOCKER_NOPAQUE_SERVICE_LOGS_VOLUME_SOURCE_PATH:-./volumes/nopaque/logs}"
|
||||
target: "/home/nopaque/logs"
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "./volumes/nopaque/logs:/var/log/nopaque"
|
||||
# DANGER: Don't change the following mount within a Docker Compose
|
||||
# config file, use the `.env` file instead.
|
||||
- "${HOST_NOPAQUE_DATA_PATH}:${HOST_NOPAQUE_DATA_PATH}"
|
||||
|
||||
@ -7,25 +7,48 @@ CHECK_MARK="\xE2\x9C\x93"
|
||||
CROSS_MARK="\xE2\x9D\x8C"
|
||||
|
||||
|
||||
if [[ "${NOPAQUE_UID}" == "0" ]]; then
|
||||
# Check if necessary environment variables are set
|
||||
if [[ -z "${HOST_DOCKER_GID}" ]]; then
|
||||
echo "Environment variable \"HOST_DOCKER_GID\" not set."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "${HOST_UID}" ]]; then
|
||||
echo "Environment variable \"HOST_UID\" not set."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "${HOST_GID}" ]]; then
|
||||
echo "Environment variable \"HOST_GID\" not set."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
# Check if the UID or GID are set to "0" (root). We want an unprivileged user.
|
||||
if [[ "${HOST_UID}" == "0" ]]; then
|
||||
echo -e "${RED_COLOR}${CROSS_MARK}${NO_COLOR}"
|
||||
echo "Running as root is not allowed"
|
||||
echo "\"0\" is not allowed for HOST_UID"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ "${HOST_GID}" == "0" ]]; then
|
||||
echo -e "${RED_COLOR}${CROSS_MARK}${NO_COLOR}"
|
||||
echo "\"0\" is not allowed for HOST_GID"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
echo "Set container UID and GIDs to match the host system..."
|
||||
|
||||
|
||||
##############################################################################
|
||||
# docker GID #
|
||||
# Update docker GID #
|
||||
##############################################################################
|
||||
if [[ "${DOCKER_GID}" == "$(getent group docker | cut -d: -f3)" ]]; then
|
||||
DOCKER_GID=$(getent group docker | cut -d: -f3)
|
||||
if [[ "${DOCKER_GID}" == "${HOST_DOCKER_GID}" ]]; then
|
||||
echo -n "- docker GID is already matching..."
|
||||
echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
|
||||
else
|
||||
echo -n "- Updating docker GID ($(getent group docker | cut -d: -f3) -> ${DOCKER_GID})... "
|
||||
groupmod --gid "${DOCKER_GID}" docker > /dev/null
|
||||
echo -n "- Updating docker GID (${DOCKER_GID} -> ${HOST_DOCKER_GID})... "
|
||||
groupmod --gid "${HOST_DOCKER_GID}" docker > /dev/null
|
||||
if [[ "${?}" == "0" ]]; then
|
||||
echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
|
||||
else
|
||||
@ -36,16 +59,16 @@ fi
|
||||
|
||||
|
||||
##############################################################################
|
||||
# nopaque GID #
|
||||
# Update nopaque GID #
|
||||
##############################################################################
|
||||
if [[ "${NOPAQUE_GID}" == "$(id -g nopaque)" ]]; then
|
||||
NOPAQUE_GID=$(id -g nopaque)
|
||||
if [[ "${NOPAQUE_GID}" == "${HOST_GID}" ]]; then
|
||||
echo -n "- nopaque GID is already matching..."
|
||||
echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
|
||||
else
|
||||
echo -n "- Updating nopaque GID ($(id -g nopaque) -> ${NOPAQUE_GID})... "
|
||||
groupmod --gid "${NOPAQUE_GID}" nopaque > /dev/null
|
||||
echo -n "- Updating nopaque GID (${NOPAQUE_GID} -> ${HOST_GID})... "
|
||||
groupmod --gid "${HOST_GID}" nopaque > /dev/null
|
||||
if [[ "${?}" == "0" ]]; then
|
||||
HAS_NOPAQUE_GID_CHANGED=true
|
||||
echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
|
||||
else
|
||||
echo -e "${RED_COLOR}${CROSS_MARK}${NO_COLOR}"
|
||||
@ -64,14 +87,15 @@ fi
|
||||
|
||||
|
||||
##############################################################################
|
||||
# nopaque UID #
|
||||
# Update nopaque UID #
|
||||
##############################################################################
|
||||
if [[ "${NOPAQUE_UID}" == "$(id -u nopaque)" ]]; then
|
||||
NOPAQUE_UID=$(id -u nopaque)
|
||||
if [[ "${NOPAQUE_UID}" == "${HOST_UID}" ]]; then
|
||||
echo -n "- nopaque UID is already matching..."
|
||||
echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
|
||||
else
|
||||
echo -n "- Updating nopaque UID ($(id -u nopaque) -> ${NOPAQUE_UID})... "
|
||||
usermod --uid "${NOPAQUE_UID}" nopaque > /dev/null
|
||||
echo -n "- Updating nopaque UID (${NOPAQUE_UID} -> ${HOST_UID})... "
|
||||
usermod --uid "${HOST_UID}" nopaque > /dev/null
|
||||
if [[ "${?}" == "0" ]]; then
|
||||
echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
|
||||
else
|
||||
|
||||
Loading…
Reference in New Issue
Block a user