Update .env.tpl

2024-11-14 16:55:42 +00:00 · 2024-08-01 12:00:34 +02:00 · 2024-08-01 12:00:34 +02:00 · 13e4d461c7
commit 13e4d461c7
parent e51dcafa6f
3 changed files with 86 additions and 80 deletions
--- a/.env.tpl
+++ b/.env.tpl
@ -1,32 +1,20 @@
 ##############################################################################
-# Variables for use in Docker Compose YAML files                             #
+# Environment variables used by Docker Compose config files.                 #
 ##############################################################################
 # HINT: Use this bash command `id -u`
 # NOTE: 0 (= root user) is not allowed
 HOST_UID=
 # HINT: Use this bash command `id -g`
 # NOTE: 0 (= root group) is not allowed
 HOST_GID=
 # HINT: Use this bash command `getent group docker | cut -d: -f3`
 HOST_DOCKER_GID=
 # DEFAULT: nopaque
-# DOCKER_DEFAULT_NETWORK_NAME=
+NOPAQUE_DOCKER_NETWORK_NAME=nopaque
 # DEFAULT: ./volumes/db/data
 # NOTE: Use `.` as <project-basedir>
 # DOCKER_DB_SERVICE_DATA_VOLUME_SOURCE_PATH=
 # DEFAULT: ./volumes/mq/data
 # NOTE: Use `.` as <project-basedir>
 # DOCKER_MQ_SERVICE_DATA_VOLUME_SOURCE_PATH=
 # NOTE: This must be a network share and it must be available on all
-#       Docker Swarm nodes, mounted to the same path with the same
+#       Docker Swarm nodes, mounted to the same path.
-#       user and group ownership.
+HOST_NOPAQUE_DATA_PATH=/mnt/nopaque
 DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH=
 # DEFAULT: ./volumes/nopaque/logs
 # NOTE: Use `.` as <project-basedir>
 # DOCKER_NOPAQUE_SERVICE_LOGS_VOLUME_SOURCE_PATH=.
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,62 +1,56 @@
-# The docker-compose.yml file is not meant to be modified itself. 
+# This file is not meant to be modified, use the following files instead:
-# Instead use the following files for configurations:
+# - `.env`: Environment variables available within Docker Compose config files.
-# - .env: Environment variables for the docker-compose.yml file.
+# - `db.env`: Environment variables for the database service.
-# - db.env: Environment variables for the database service.
+# - `nopaque.env`: Environment variables for the nopaque service.
-# - nopaque.env: Environment variables for the nopaque service.
+# - `docker-compose.override.yml`: Override the docker-compose.yml file.
-# - docker-compose.override.yml: Override the docker-compose.yml file.
+#   - The `docker-compose` directory includes examples for this.
 #   - Don't change too much here, it's meant for configurations like exposing
 #     ports for development or adding labels for e.g. traefik.
 networks:
-  default:
+  nopaque:
-    name: "${DOCKER_DEFAULT_NETWORK_NAME:-nopaque}"
+    attachable: true
    driver: "overlay"
    name: "${NOPAQUE_DOCKER_NETWORK_NAME}"
 services:
  db:
-    env_file: db.env
+    env_file: "db.env"
-    image: postgres:11
+    image: "postgres:11"
-    restart: unless-stopped
+    networks:
      - "nopaque"
    restart: "unless-stopped"
    volumes:
-      - type: bind
+      - "./volumes/db/data:/var/lib/postgresql/data"
        source: "${DOCKER_DB_SERVICE_DATA_VOLUME_SOURCE_PATH:-./volumes/db/data}"
        target: "/var/lib/postgresql/data"
  mq:
-    image: redis:6
+    image: "redis:6"
-    restart: unless-stopped
+    networks:
      - "nopaque"
    restart: "unless-stopped"
    volumes:
-      - type: bind
+      - "./volumes/mq/data:/data"
        source: "${DOCKER_MQ_SERVICE_DATA_VOLUME_SOURCE_PATH:-./volumes/mq/data}"
        target: "/data"
  nopaque:
    build: .
    depends_on:
-      - db
+      - "db"
-      - mq
+      - "mq"
    env_file:
-      - nopaque.env
+      - "nopaque.env"
    environment:
-      # This section overrides the values set in the nopaque.env file. Do not
+      # DANGER: Don't change the following environment variables within a
-      # override the environment variables in a docker-compose.override.yml
+      #         Docker Compose config file, use the `.env` file instead.
-      # file unless you really know what you are doing.
+      HOST_UID: "${HOST_UID}"
-      - NOPAQUE_UID=${HOST_UID}
+      HOST_GID: "${HOST_GID}"
-      - NOPAQUE_GID=${HOST_GID}
+      HOST_DOCKER_GID: "${HOST_DOCKER_GID}"
-      - DOCKER_GID=${HOST_DOCKER_GID}
+      NOPAQUE_DATA_PATH: "${HOST_NOPAQUE_DATA_PATH}"
-      - NOPAQUE_DATA_PATH=${DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH}
+      NOPAQUE_DOCKER_NETWORK_NAME: "${NOPAQUE_DOCKER_NETWORK_NAME}"
-      - NOPAQUE_DOCKER_NETWORK_NAME=${DOCKER_DEFAULT_NETWORK_NAME:-nopaque}
+    image: "nopaque:latest"
-      - NOPAQUE_LOGS_PATH=/home/nopaque/logs
+    networks:
-    image: nopaque:latest
+      - "nopaque"
-    restart: unless-stopped
+    restart: "unless-stopped"
    volumes:
-      - type: bind
+      - "/var/run/docker.sock:/var/run/docker.sock"
-        source: "/var/run/docker.sock"
+      - "./volumes/nopaque/logs:/var/log/nopaque"
-        target: "/var/run/docker.sock"
+      # DANGER: Don't change the following mount within a Docker Compose
-      # TODO: Make this less quirky. The target path should be variable.
+      #         config file, use the `.env` file instead.
-      #       In order to achieve this, a cifs volume needs to be configured.
+      - "${HOST_NOPAQUE_DATA_PATH}:${HOST_NOPAQUE_DATA_PATH}"
      - type: bind
        source: "${DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH}"
        target: "${DOCKER_NOPAQUE_SERVICE_DATA_VOLUME_SOURCE_PATH}"
      - type: bind
        source: "${DOCKER_NOPAQUE_SERVICE_LOGS_VOLUME_SOURCE_PATH:-./volumes/nopaque/logs}"
        target: "/home/nopaque/logs"
--- a/docker-nopaque-entrypoint.sh
+++ b/docker-nopaque-entrypoint.sh
@ -7,25 +7,48 @@ CHECK_MARK="\xE2\x9C\x93"
 CROSS_MARK="\xE2\x9D\x8C"
-if [[ "${NOPAQUE_UID}" == "0" ]]; then
+# Check if necessary environment variables are set
 if [[ -z "${HOST_DOCKER_GID}" ]]; then
  echo "Environment variable \"HOST_DOCKER_GID\" not set."
  exit 1
 fi
 if [[ -z "${HOST_UID}" ]]; then
  echo "Environment variable \"HOST_UID\" not set."
  exit 1
 fi
 if [[ -z "${HOST_GID}" ]]; then
  echo "Environment variable \"HOST_GID\" not set."
  exit 1
 fi
 # Check if the UID or GID are set to "0" (root). We want an unprivileged user.
 if [[ "${HOST_UID}" == "0" ]]; then
    echo -e "${RED_COLOR}${CROSS_MARK}${NO_COLOR}"
-    echo "Running as root is not allowed"
+    echo "\"0\" is not allowed for HOST_UID"
    exit 1
 fi
 if [[ "${HOST_GID}" == "0" ]]; then
    echo -e "${RED_COLOR}${CROSS_MARK}${NO_COLOR}"
    echo "\"0\" is not allowed for HOST_GID"
    exit 1
 fi
 echo "Set container UID and GIDs to match the host system..."
 ##############################################################################
-# docker GID                                                                 #
+# Update docker GID                                                          #
 ##############################################################################
-if [[ "${DOCKER_GID}" == "$(getent group docker | cut -d: -f3)" ]]; then
+DOCKER_GID=$(getent group docker | cut -d: -f3)
 if [[ "${DOCKER_GID}" == "${HOST_DOCKER_GID}" ]]; then
    echo -n "- docker GID is already matching..."
    echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
 else
-    echo -n "- Updating docker GID ($(getent group docker | cut -d: -f3) -> ${DOCKER_GID})... "
+    echo -n "- Updating docker GID (${DOCKER_GID} -> ${HOST_DOCKER_GID})... "
-    groupmod --gid "${DOCKER_GID}" docker > /dev/null
+    groupmod --gid "${HOST_DOCKER_GID}" docker > /dev/null
    if [[ "${?}" == "0" ]]; then
        echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
    else
@ -36,16 +59,16 @@ fi
 ##############################################################################
-# nopaque GID                                                                #
+# Update nopaque GID                                                         #
 ##############################################################################
-if [[ "${NOPAQUE_GID}" == "$(id -g nopaque)" ]]; then
+NOPAQUE_GID=$(id -g nopaque)
 if [[ "${NOPAQUE_GID}" == "${HOST_GID}" ]]; then
    echo -n "- nopaque GID is already matching..."
    echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
 else
-    echo -n "- Updating nopaque GID ($(id -g nopaque) -> ${NOPAQUE_GID})... "
+    echo -n "- Updating nopaque GID (${NOPAQUE_GID} -> ${HOST_GID})... "
-    groupmod --gid "${NOPAQUE_GID}" nopaque > /dev/null
+    groupmod --gid "${HOST_GID}" nopaque > /dev/null
    if [[ "${?}" == "0" ]]; then
        HAS_NOPAQUE_GID_CHANGED=true
        echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
    else
        echo -e "${RED_COLOR}${CROSS_MARK}${NO_COLOR}"
@ -64,14 +87,15 @@ fi
 ##############################################################################
-# nopaque UID                                                                #
+# Update nopaque UID                                                         #
 ##############################################################################
-if [[ "${NOPAQUE_UID}" == "$(id -u nopaque)" ]]; then
+NOPAQUE_UID=$(id -u nopaque)
 if [[ "${NOPAQUE_UID}" == "${HOST_UID}" ]]; then
    echo -n "- nopaque UID is already matching..."
    echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
 else
-    echo -n "- Updating nopaque UID ($(id -u nopaque) -> ${NOPAQUE_UID})... "
+    echo -n "- Updating nopaque UID (${NOPAQUE_UID} -> ${HOST_UID})... "
-    usermod --uid "${NOPAQUE_UID}" nopaque > /dev/null
+    usermod --uid "${HOST_UID}" nopaque > /dev/null
    if [[ "${?}" == "0" ]]; then
        echo -e "${GREEN_COLOR}${CHECK_MARK}${NO_COLOR}"
    else