From def535c1230b0e9643b953af1138e5c257f72c86 Mon Sep 17 00:00:00 2001 From: Endial Fang Date: Thu, 10 Sep 2020 09:11:32 +0800 Subject: [PATCH] =?UTF-8?q?[fix]=E6=A2=B3=E7=90=86=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 2 +- Makefile | 33 +-- alpine/customer/usr/sbin/create_user | 7 +- alpine/customer/usr/sbin/prepare_env | 2 +- alpine/prebuilds/usr/local/scripts/helpers | 5 - .../prebuilds/usr/local/scripts/libcommon.sh | 119 ++++++++++ alpine/prebuilds/usr/local/scripts/libfile.sh | 78 +++++++ alpine/prebuilds/usr/local/scripts/libfs.sh | 107 +++++++++ .../local/scripts/{functions => liblog.sh} | 41 +--- alpine/prebuilds/usr/local/scripts/libos.sh | 109 +++++++++ .../prebuilds/usr/local/scripts/libservice.sh | 87 +++++++ .../usr/local/scripts/libvalidations.sh | 213 ++++++++++++++++++ alpine/prebuilds/usr/sbin/download_pkg | 7 +- alpine/prebuilds/usr/sbin/install_pkg | 24 +- customer/usr/sbin/create_user | 1 + prebuilds/usr/local/scripts/helpers | 5 - prebuilds/usr/local/scripts/libcommon.sh | 119 ++++++++++ prebuilds/usr/local/scripts/libfile.sh | 78 +++++++ prebuilds/usr/local/scripts/libfs.sh | 107 +++++++++ .../local/scripts/{functions => liblog.sh} | 41 +--- prebuilds/usr/local/scripts/libos.sh | 109 +++++++++ prebuilds/usr/local/scripts/libservice.sh | 87 +++++++ prebuilds/usr/local/scripts/libvalidations.sh | 213 ++++++++++++++++++ prebuilds/usr/sbin/download_pkg | 9 +- prebuilds/usr/sbin/install_pkg | 25 +- 25 files changed, 1507 insertions(+), 121 deletions(-) delete mode 100644 alpine/prebuilds/usr/local/scripts/helpers create mode 100644 alpine/prebuilds/usr/local/scripts/libcommon.sh create mode 100644 alpine/prebuilds/usr/local/scripts/libfile.sh create mode 100644 alpine/prebuilds/usr/local/scripts/libfs.sh rename alpine/prebuilds/usr/local/scripts/{functions => liblog.sh} (52%) create mode 100644 alpine/prebuilds/usr/local/scripts/libos.sh create mode 100644 alpine/prebuilds/usr/local/scripts/libservice.sh create mode 100644 alpine/prebuilds/usr/local/scripts/libvalidations.sh delete mode 100644 prebuilds/usr/local/scripts/helpers create mode 100644 prebuilds/usr/local/scripts/libcommon.sh create mode 100644 prebuilds/usr/local/scripts/libfile.sh create mode 100644 prebuilds/usr/local/scripts/libfs.sh rename prebuilds/usr/local/scripts/{functions => liblog.sh} (52%) create mode 100644 prebuilds/usr/local/scripts/libos.sh create mode 100644 prebuilds/usr/local/scripts/libservice.sh create mode 100644 prebuilds/usr/local/scripts/libvalidations.sh diff --git a/Dockerfile b/Dockerfile index 24a3ef9..1b1ece9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -# Ver: 1.0 by Endial Fang (endial@126.com) +# Ver: 1.2 by Endial Fang (endial@126.com) # FROM debian:buster-slim diff --git a/Makefile b/Makefile index bb28506..2edad99 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -# Ver: 1.2 by Endial Fang (endial@126.com) +# Ver: 1.4 by Endial Fang (endial@126.com) # # 当前 Docker 镜像的编译脚本 @@ -6,13 +6,20 @@ debian_name := colovu/dbuilder alpine_name := colovu/abuilder local_registory := repo-dev.konkawise.com -# 生成镜像TAG,类似:<镜像名>:<分支名>- 或 <镜像名>:latest-<年月日>-<时分秒> +# 生成镜像TAG,类似: +# <镜像名>:<分支名>- # Git 仓库且无文件修改直接编译 +# <镜像名>:<分支名>-<年月日>-<时分秒> # Git 仓库有文件修改后的编译 +# <镜像名>:latest-<年月日>-<时分秒> # 非 Git 仓库编译 current_subversion:=$(shell if [[ -d .git ]]; then git rev-parse --short HEAD; else date +%y%m%d-%H%M%S; fi) current_tag:=$(shell if [[ -d .git ]]; then git rev-parse --abbrev-ref HEAD | sed -e 's/master/latest/'; else echo "latest"; fi)-$(current_subversion) # Sources List: default / tencent / ustc / aliyun / huawei build-arg:=--build-arg apt_source=tencent +# 设置本地下载服务器路径,加速调试时的本地编译速度 +local_ip:=`ifconfig -a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $$2}'|tr -d "addr:"` +build-arg+=--build-arg local_url=http://$(local_ip)/dist-files + .PHONY: build clean clearclean upgrade tag push build: @@ -33,24 +40,24 @@ clean: clearclean: clean @echo "Clean all images for current application..." - @docker images | grep "$(debian_name)" | awk '{print $$3}' | xargs docker rmi -f - @docker images | grep "$(alpine_name)" | awk '{print $$3}' | xargs docker rmi -f + @docker images | grep "$(debian_name) " | awk '{print $$3}' | xargs docker rmi -f + @docker images | grep "$(alpine_name) " | awk '{print $$3}' | xargs docker rmi -f tag: + @echo "Add tag: $(local_registory)/$(debian_name):latest" + @docker tag $(debian_name):latest $(local_registory)/$(debian_name):latest @echo "Add tag: $(local_registory)/$(alpine_name):latest" - @docker tag $(debian_name) $(local_registory)/$(debian_name) - @echo "Add tag: $(local_registory)/$(alpine_name):latest" - @docker tag $(alpine_name) $(local_registory)/$(alpine_name) + @docker tag $(alpine_name):latest $(local_registory)/$(alpine_name):latest push: tag + @echo "Push: $(local_registory)/$(debian_name):latest" + @docker push $(local_registory)/$(debian_name):latest @echo "Push: $(local_registory)/$(alpine_name):latest" - @docker push $(local_registory)/$(debian_name) - @echo "Push: $(local_registory)/$(alpine_name):latest" - @docker push $(local_registory)/$(alpine_name) + @docker push $(local_registory)/$(alpine_name):latest + @echo "Push: $(debian_name):latest" + @docker push $(debian_name):latest @echo "Push: $(alpine_name):latest" - @docker push $(debian_name) - @echo "Push: $(alpine_name):latest" - @docker push $(alpine_name) + @docker push $(alpine_name):latest # 更新所有 colovu 仓库的镜像 upgrade: diff --git a/alpine/customer/usr/sbin/create_user b/alpine/customer/usr/sbin/create_user index 54cab9e..d392110 100755 --- a/alpine/customer/usr/sbin/create_user +++ b/alpine/customer/usr/sbin/create_user @@ -1,8 +1,9 @@ -#!/bin/sh +#!/bin/bash # shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行) set -eux -addgroup -g 998 -S builder -adduser -g 998 -u 999 -s /bin/bash -h /srv/data -D -S builder +addgroup -g 998 -S ${APP_USER} +adduser -g 998 -u 999 -s /bin/bash -h ${APP_DATA_DIR} -D -S ${APP_USER} +# 如果需要 sudo 权限,需要安装 su 软件包:apk add sudo sed -i -e 's/^\sDefaults\s*secure_path\s*=/# Defaults secure_path=/' /etc/sudoers echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \ No newline at end of file diff --git a/alpine/customer/usr/sbin/prepare_env b/alpine/customer/usr/sbin/prepare_env index 8a1b47a..09fe293 100755 --- a/alpine/customer/usr/sbin/prepare_env +++ b/alpine/customer/usr/sbin/prepare_env @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行) set -eux mkdir -p /srv/data /srv/conf \ No newline at end of file diff --git a/alpine/prebuilds/usr/local/scripts/helpers b/alpine/prebuilds/usr/local/scripts/helpers deleted file mode 100644 index a4179aa..0000000 --- a/alpine/prebuilds/usr/local/scripts/helpers +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -# Ver: 1.0 by Endial Fang (endial@126.com) - -. /usr/local/scripts/functions - diff --git a/alpine/prebuilds/usr/local/scripts/libcommon.sh b/alpine/prebuilds/usr/local/scripts/libcommon.sh new file mode 100644 index 0000000..4b10d1f --- /dev/null +++ b/alpine/prebuilds/usr/local/scripts/libcommon.sh @@ -0,0 +1,119 @@ +#!/bin/bash +# Ver: 1.3 by Endial Fang (endial@126.com) +# +# 通用函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 打印包含包含Logo的欢迎信息 +print_welcome_info() { + [[ -n "${APP_NAME}" ]] && github_url="/docker-${APP_NAME}" + + LOG_I ' ____ _ ' + LOG_I ' / ___|___ | | _____ ___ _ ' + LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME:-undefined}${RESET}" + LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION:-0.0}${RESET}" + LOG_I ' \____\___/|_|\___/ \_/ \__,_| '"PowerBy: ${BOLD}Endial@126.com${RESET}" + LOG_D " Project Repo: https://github.com/colovu/${github_url:-}" + LOG_I "" +} + +# 根据需要打印欢迎信息 +print_image_welcome() { + if [[ "$(id -u)" = "0" ]]; then + print_welcome_info + fi +} + +# 检测可能导致容器执行后直接退出的命令,如"--help";如果存在,直接返回 0 +# 参数: +# $1 - 待检测的参数表 +print_command_help() { + local arg + for arg; do + case "$arg" in + -'?'|--help|-V|--version) + exec "${APP_EXEC:-/bin/bash}" "${arg}" + exit + ;; + esac + done +} + +# 检测应用相应的配置文件是否存在,如果不存在,则从默认配置文件目录拷贝一份 +# 默认配置文件路径:/etc/${APP_NAME} +# 目标配置文件路径:/srv/conf/${APP_NAME} +# 参数: +# $1 - 基础路径 +# $* - 基础路径下的文件及目录列表,以" "分割 +# 例子: +# ensure_config_file_exist /etc/${APP_NAME} conf.d server.conf +ensure_config_file_exist() { + local -r base_path="${1:?paths is missing}" + local f="" + local dist="" + + shift 1 + LOG_D "List to check: $@" + while [ "$#" -gt 0 ]; do + f="${1}" + LOG_D " Process \"${f}\"" + if [ -d "${base_path}/${f}" ]; then + dist="$(echo ${base_path}/${f} | sed -e 's/\/etc/\/srv\/conf/g')" + [[ ! -d "${dist}" ]] && LOG_D " Create directory: ${dist}" && mkdir -p "${dist}" + [[ ! -z $(ls -A "${base_path}/${f}") ]] && ensure_config_file_exist "${base_path}/${f}" $(ls -A "${base_path}/${f}") + else + dist="$(echo ${base_path}/${f} | sed -e 's/\/etc/\/srv\/conf/g')" + [[ ! -e "${dist}" ]] && LOG_D " Copy: ${base_path}/${f} ===> ${dist}" && cp "${base_path}/${f}" "${dist}" && rm -rf "/srv/conf/${APP_NAME}/.app_init_flag" + fi + shift + done +} + +# 根据脚本扩展名及权限,执行相应的初始化脚本 +# 参数: +# $1 - 文件列表,支持路径通配符 +# 使用: +# process_init_files [file [file [...]]] +# 例子: +# process_init_files /src/conf/${APP_NAME}/initdb.d/* +process_init_files() { + echo + local f + for f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + LOG_I "$0: running $f" + "$f" + else + LOG_I "$0: sourcing $f" + . "$f" + fi + ;; + *) LOG_W "$0: ignoring $f" ;; + esac + echo + done +} + +# 检测当前是否为 root 用户 +is_root() { + if [[ "$(id -u)" = "0" ]]; then + LOG_D "Run as root." + true + else + LOG_D "Run as non-root: $(id -u)" + false + fi +} + +# 检测当前脚本是被直接执行的,还是从其他脚本中使用 "source" 调用的 +is_sourced() { + [ "${#FUNCNAME[@]}" -ge 2 ] \ + && [ "${FUNCNAME[0]}" = 'is_sourced' ] \ + && [ "${FUNCNAME[1]}" = 'source' ] +} diff --git a/alpine/prebuilds/usr/local/scripts/libfile.sh b/alpine/prebuilds/usr/local/scripts/libfile.sh new file mode 100644 index 0000000..1e664c1 --- /dev/null +++ b/alpine/prebuilds/usr/local/scripts/libfile.sh @@ -0,0 +1,78 @@ +#!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# +# 文件操作函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测"*_FILE"文件,并从文件中读取信息作为参数值;环境变量不允许 VAR 与 VAR_FILE 方式并存 +# 变量: +# $1 - 需要设置的环境变量名称 +# $2 - 该变量对应的默认值(Option) +# +# 使用: file_env ENV_VAR [DEFAULT] +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + LOG_E "Both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + + export "$var"="$val" + unset "$fileVar" +} + +# 使用规则表达式在文件中替换数据 +# 参数: +# $1 - 文件名 +# $2 - 正则表达式 +# $3 - 替代数据表达式 +# $4 - 是否使用POSIX表达式. Default: true +replace_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local substitute_regex="${3:?substitute regex is required}" + local posix_regex=${4:-true} + + local result + + # 因部分系统兼容性问题,需要防止使用 'sed in-place' 方式操作 + if [[ $posix_regex = true ]]; then + result="$(sed -E "s@$match_regex@$substitute_regex@g" "$filename")" + else + result="$(sed "s@$match_regex@$substitute_regex@g" "$filename")" + fi + echo "$result" > "$filename" +} + +# 使用规则表达式在文件中删除数据 +# 参数: +# $1 - 文件名 +# $2 - 正则表达式 +# $3 - 是否使用POSIX表达式. Default: true +remove_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local posix_regex=${3:-true} + local result + + # 因部分系统兼容性问题,需要防止使用 'sed in-place' 方式操作 + if [[ $posix_regex = true ]]; then + result="$(sed -E "/$match_regex/d" "$filename")" + else + result="$(sed "/$match_regex/d" "$filename")" + fi + echo "$result" > "$filename" +} diff --git a/alpine/prebuilds/usr/local/scripts/libfs.sh b/alpine/prebuilds/usr/local/scripts/libfs.sh new file mode 100644 index 0000000..1f3c60d --- /dev/null +++ b/alpine/prebuilds/usr/local/scripts/libfs.sh @@ -0,0 +1,107 @@ +#!/bin/bash +# Ver: 1.1 by Endial Fang (endial@126.com) +# +# 文件管理函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测目录是否存在,如果不存在则创建,同时修改为指定的用户 +# 参数: +# $1 - 目录路径 +# $2 - 用户 +ensure_dir_exists() { + local dir="${1:?directory is missing}" + local owner="${2:-}" + + mkdir -p "${dir}" + if [[ -n $owner ]]; then + chown "$owner":"$owner" "$dir" + fi +} + +# 检测目录是否存在或为空 +# 参数: +# $1 - 目录路径 +is_dir_empty() { + local dir="${1:?missing directory}" + + if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then + true + else + false + fi +} + +# 循环设置目录中子目录及文件权限 +# 参数: +# $1 - paths (as a string). +# Flags: +# -f|--file-mode - 文件权限模式 +# -d|--dir-mode - 目录权限模式 +# -u|--user - 用户 +# -g|--group - 用户组 +configure_permissions_ownership() { + local -r paths="${1:?paths is missing}" + local dir_mode="" + local file_mode="" + local user="" + local group="" + + # Validate arguments + shift 1 + while [ "$#" -gt 0 ]; do + case "$1" in + -f|--file-mode) + shift + file_mode="${1:?missing mode for files}" + ;; + -d|--dir-mode) + shift + dir_mode="${1:?missing mode for directories}" + ;; + -u|--user) + shift + user="${1:?missing user}" + ;; + -g|--group) + shift + group="${1:?missing group}" + ;; + *) + LOG_E "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + + read -r -a filepaths <<< "$paths" + for p in "${filepaths[@]}"; do + if [[ -e "$p" ]]; then + LOG_D "Check $p" + if [[ -n ${dir_mode} ]]; then + LOG_D "Change permissions to ${dir_mode} of directories in $p" + find -L "$p" -type d -print | xargs -i chmod "${dir_mode}" '{}' + fi + if [[ -n ${file_mode} ]]; then + LOG_D "Change permissions to ${file_mode} of files in $p" + find -L "$p" -type f -print | xargs -i chmod "${file_mode}" '{}' + fi + if [[ -n $user ]] && [[ -n ${group} ]]; then + LOG_D "Change ownership to ${user}:${group} of files and directories in $p" + find -L "$p" \( \! -user ${user} -or \! -group ${group} \) -print | xargs -i chown -L "${user}":"${group}" '{}' + elif [[ -n $user ]] && [[ -z $group ]]; then + LOG_D "Change user to ${user} of files and directories in $p" + find -L "$p" \! -user ${user} -print | xargs -i chown -L "${user}" '{}' + elif [[ -z $user ]] && [[ -n $group ]]; then + LOG_D "Change group to ${group} of files and directories in $p" + find -L "$p" \! -group ${group} -print | xargs -i chgrp -L "${group}" '{}' + fi + else + LOG_E "$p does not exist" + fi + done +} diff --git a/alpine/prebuilds/usr/local/scripts/functions b/alpine/prebuilds/usr/local/scripts/liblog.sh similarity index 52% rename from alpine/prebuilds/usr/local/scripts/functions rename to alpine/prebuilds/usr/local/scripts/liblog.sh index 0f6807d..09b4933 100644 --- a/alpine/prebuilds/usr/local/scripts/functions +++ b/alpine/prebuilds/usr/local/scripts/liblog.sh @@ -1,7 +1,7 @@ #!/bin/bash -# Ver: 1.0 by Endial Fang (endial@126.com) +# Ver: 1.1 by Endial Fang (endial@126.com) -[[ ${ENV_DEBUG:-false} = true ]] && set -x +#[[ ${ENV_DEBUG:-false} = true ]] && set -x MODULE="$(basename "$0")" @@ -40,7 +40,8 @@ stderr_print() { # $1 - 日志类型 # $2 - 日志信息 LOG() { - stderr_print "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" + #stderr_print "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" + printf "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}%s}${RESET} %b\n" "$(date "+%T")" "${*}" } # 输出调试类日志信息,尽量少使用 @@ -51,7 +52,7 @@ LOG_D() { local -r bool="${ENV_DEBUG:-false}" shopt -s nocasematch if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - LOG "${BLUE}DEBUG${RESET} ==> ${*}" + LOG "${BLUE}DBG${RESET}: ${*}" fi } @@ -60,7 +61,7 @@ LOG_D() { # $1 - 日志类型 # $2 - 日志信息 LOG_I() { - LOG "${GREEN}INFO ${RESET} ==> ${*}" + LOG "${GREEN}INF${RESET}: ${*}" } # 输出警告类日志信息至sterr @@ -68,7 +69,7 @@ LOG_I() { # $1 - 日志类型 # $2 - 日志信息 LOG_W() { - LOG "${YELLOW}WARN ${RESET} ==> ${*}" + LOG "${YELLOW}WRN${RESET}: ${*}" } # 输出错误类日志信息至sterr,并退出脚本 @@ -76,31 +77,5 @@ LOG_W() { # $1 - 日志类型 # $2 - 日志信息 LOG_E() { - LOG "${RED}ERROR${RESET} ==> ${*}" + LOG "${RED}ERR${RESET}: ${*}" } - -# 打印包含包含Logo的欢迎信息 -# 全局变量: -# APP_NAME -print_image_welcome_page() { - [[ -n "${APP_NAME}" ]] && github_url="/docker-${APP_NAME}" - - LOG_I ' ____ _ ' - LOG_I ' / ___|___ | | _____ ___ _ ' - LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME:-undefined}${RESET}" - LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION:-0.0}${RESET}" - LOG_I ' \____\___/|_|\___/ \_/ \__,_| '"PowerBy: ${BOLD}Endial@126.com${RESET}" - LOG_D " Project Repo: https://github.com/colovu/${github_url}" - LOG_I "" - -} - -# 根据需要打印欢迎信息 -# 全局变量: -# ENV_DISABLE_WELCOME_MESSAGE -# APP_NAME -docker_print_welcome() { - if [[ "$(id -u)" = "0" ]]; then - print_image_welcome_page - fi -} \ No newline at end of file diff --git a/alpine/prebuilds/usr/local/scripts/libos.sh b/alpine/prebuilds/usr/local/scripts/libos.sh new file mode 100644 index 0000000..047fa9d --- /dev/null +++ b/alpine/prebuilds/usr/local/scripts/libos.sh @@ -0,0 +1,109 @@ +#!/bin/bash +# Ver: 1.2 by Endial Fang (endial@126.com) +# +# 操作系统控制函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测指定用户账户是否存在 +# 参数: +# $1 - 用户账户 +user_exists() { + local user="${1:?user is missing}" + id "$user" >/dev/null 2>&1 +} + +# 检测指定用户分组是否存在 +# 参数: +# $1 - 用户组 +group_exists() { + local group="${1:?group is missing}" + getent group "$group" >/dev/null 2>&1 +} + +# 获取系统可用内存大小(MB)信息 +get_total_memory() { + echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) +} + +# 获取以定量方式描述的内存大小 +# 参数: +# $1 - 内存大小 (MB,可选) +get_machine_size() { + local memory="${1:-}" + if [[ -z "$memory" ]]; then + debug "Memory was not specified, detecting available memory automatically" + memory="$(get_total_memory)" + fi + sanitized_memory=$(convert_to_mb "$memory") + if [[ "$sanitized_memory" -gt 26000 ]]; then + echo 2xlarge + elif [[ "$sanitized_memory" -gt 13000 ]]; then + echo xlarge + elif [[ "$sanitized_memory" -gt 6000 ]]; then + echo large + elif [[ "$sanitized_memory" -gt 3000 ]]; then + echo medium + elif [[ "$sanitized_memory" -gt 1500 ]]; then + echo small + else + echo micro + fi +} + +# 获取已定义的所有内存大小描述 +get_supported_machine_sizes() { + echo micro small medium large xlarge 2xlarge +} + +# 将以字符串表示的内存大小转换为以MB为单位的内存大小值 (i.e. 2G -> 2048) +# 参数: +# $1 - 内存大小 +convert_to_mb() { + local amount="${1:-}" + if [[ $amount =~ ^([0-9]+)(M|G) ]]; then + size="${BASH_REMATCH[1]}" + unit="${BASH_REMATCH[2]}" + if [[ "$unit" = "G" ]]; then + amount="$((size * 1024))" + else + amount="$size" + fi + fi + echo "$amount" +} + +# 如果禁用调试模式,将输出信息重定向至 /dev/null +# 参数: +# $@ - 待执行的命令 +debug_execute() { + local -r bool="${ENV_DEBUG:-false}" + shopt -s nocasematch + if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + "$@" + else + "$@" >/dev/null 2>&1 + fi +} + +# 重试执行命令 +# 参数: +# $1 - cmd (as a string) +# $2 - 最大尝试次数. Default: 12 +# $3 - 重试前等待时间(秒). Default: 5 +retry_while() { + local -r cmd="${1:?cmd is missing}" + local -r retries="${2:-12}" + local -r sleep_time="${3:-5}" + local return_value=1 + + read -r -a command <<< "$cmd" + for ((i = 1 ; i <= retries ; i+=1 )); do + "${command[@]}" && return_value=0 && break + sleep "$sleep_time" + done + return $return_value +} diff --git a/alpine/prebuilds/usr/local/scripts/libservice.sh b/alpine/prebuilds/usr/local/scripts/libservice.sh new file mode 100644 index 0000000..bbf90b4 --- /dev/null +++ b/alpine/prebuilds/usr/local/scripts/libservice.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# +# 服务管理函数库 + +# shellcheck disable=SC1091 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 获取并返回服务 PID +# 参数: +# $1 - PID 文件 +get_pid_from_file() { + local pid_file="${1:?pid file is missing}" + + if [[ -f "$pid_file" ]]; then + if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then + echo "$(< "$pid_file")" + fi + fi +} + +# 检测 PID 对应的服务是否在运行中 +# 参数: +# $1 - PID +is_service_running() { + local pid="${1:?pid is missing}" + + kill -0 "$pid" 2>/dev/null +} + +# 通过发送信号停止一个指定的服务 +# 参数: +# $1 - PID 文件 +# $2 - 信号 (可选) +stop_service_using_pid() { + local pid_file="${1:?pid file is missing}" + local signal="${2:-}" + local pid + + pid="$(get_pid_from_file "$pid_file")" + [[ -z "$pid" ]] || ! is_service_running "$pid" && return + + if [[ -n "$signal" ]]; then + kill "-${signal}" "$pid" + else + kill "$pid" + fi + + local counter=10 + while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do + sleep 1 + counter=$((counter - 1)) + done +} + +# 生成一个 Logrotate 配置文件 +# 参数: +# $1 - 应用名称 +# $2 - 日志路径及日志文件名 +# $3 - 周期 +# $4 - Rotations 存储的数量 +# $5 - 其他参数 (可选) +generate_logrotate_conf() { + local service_name="${1:?service name is missing}" + local log_path="${2:?log path is missing}" + local period="${3:-weekly}" + local rotations="${4:-150}" + local extra_options="${5:-}" + local logrotate_conf_dir="/etc/logrotate.d" + + mkdir -p "$logrotate_conf_dir" + cat >"${logrotate_conf_dir}/${service_name}" <<-'EOF' + ${log_path} { + ${period} + rotate ${rotations} + dateext + compress + copytruncate + missingok + ${extra_options} + } +EOF +} diff --git a/alpine/prebuilds/usr/local/scripts/libvalidations.sh b/alpine/prebuilds/usr/local/scripts/libvalidations.sh new file mode 100644 index 0000000..be29b14 --- /dev/null +++ b/alpine/prebuilds/usr/local/scripts/libvalidations.sh @@ -0,0 +1,213 @@ +#!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# +# 数据有效性校验函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测数据是否为整数 +# 参数: +# $1 - 待检测的数据 +is_int() { + local -r int="${1:?missing value}" + if [[ "$int" =~ ^-?[0-9]+ ]]; then + true + else + false + fi +} + +# 检测数据是否为正整数 +# 参数: +# $1 - 待检测的数据 +is_positive_int() { + local -r int="${1:?missing value}" + if is_int "$int" && (( "${int}" >= 0 )); then + true + else + false + fi +} + +# 检测数据是否为布尔值 '1' 或字符串 'yes/true' +# 参数: +# $1 - 待检测的数据 +is_boolean_yes() { + local -r bool="${1:-}" + # comparison is performed without regard to the case of alphabetic characters + shopt -s nocasematch + if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + true + else + false + fi +} + +# 检测数据是否为字符串 'yes/no' +# 参数: +# $1 - 待检测的数据 +is_yes_no_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^(yes|no)$ ]]; then + true + else + false + fi +} + +# 检测数据是否为字符串 'true/false' +# 参数: +# $1 - 待检测的数据 +is_true_false_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^(true|false)$ ]]; then + true + else + false + fi +} + +# 检测提供的参数是否为空字符串或未定义 +# 参数: +# $1 - 待检测的数据 +is_empty_value() { + local -r val="${1:-}" + if [[ -z "$val" ]]; then + true + else + false + fi +} + +# 检测数据是否为有效的端口号 +# 参数: +# $1 - 待检测的数据 +# 返回值: +# 布尔值 或 错误消息 +validate_port() { + local value + local unprivileged=0 + + # Parse flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -unprivileged) + unprivileged=1 + ;; + --) + shift + break + ;; + -*) + LOG_E "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + if [[ "$#" -gt 1 ]]; then + LOG_E "too many arguments provided" + return 2 + elif [[ "$#" -eq 0 ]]; then + LOG_E "missing port argument" + return 1 + else + value=$1 + fi + + if [[ -z "$value" ]]; then + LOG_E "the value is empty" + return 1 + else + if ! is_int "$value"; then + LOG_W "value is not an integer" + return 2 + elif [[ "$value" -lt 0 ]]; then + LOG_W "negative value provided" + return 2 + elif [[ "$value" -gt 65535 ]]; then + LOG_W "requested port is greater than 65535" + return 2 + elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then + LOG_W "privileged port requested" + return 3 + fi + fi +} + +# 检测数据是否为有效的IPv4地址 +# 参数: +# $1 - 待检测的数据 +validate_ipv4() { + local ip="${1:?ip is missing}" + local stat=1 + + if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" + [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ + && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] + stat=$? + fi + return $stat +} + +# 校验字符串格式 +# 参数: +# $1 - 待检测的数据 +validate_string() { + local string + local min_length=-1 + local max_length=-1 + + # Parse flags + while [ "$#" -gt 0 ]; do + case "$1" in + -min-length) + shift + min_length=${1:-} + ;; + -max-length) + shift + max_length=${1:-} + ;; + --) + shift + break + ;; + -*) + LOG_E "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + if [ "$#" -gt 1 ]; then + LOG_E "too many arguments provided" + return 2 + elif [ "$#" -eq 0 ]; then + LOG_W "missing string" + return 1 + else + string=$1 + fi + + if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then + LOG_I "string length is less than $min_length" + return 1 + fi + if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then + LOG_I "string length is great than $max_length" + return 1 + fi +} \ No newline at end of file diff --git a/alpine/prebuilds/usr/sbin/download_pkg b/alpine/prebuilds/usr/sbin/download_pkg index b6ceddc..45bd36e 100755 --- a/alpine/prebuilds/usr/sbin/download_pkg +++ b/alpine/prebuilds/usr/sbin/download_pkg @@ -1,6 +1,9 @@ #!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# # shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行) -. /usr/local/scripts/functions +set -eux +. /usr/local/scripts/liblog.sh print_usage() { LOG "Usage: download_pkg \"\" [OPTIONS]" @@ -151,7 +154,7 @@ case "$1" in if which bsdtar >/dev/null 2>&1; then bsdtar -xf $CACHE_ROOT/$PACKAGE else - tar xzf $CACHE_ROOT/$PACKAGE + tar xzf $CACHE_ROOT/$PACKAGE --no-same-owner fi ;; esac diff --git a/alpine/prebuilds/usr/sbin/install_pkg b/alpine/prebuilds/usr/sbin/install_pkg index be2c83e..712d3c1 100755 --- a/alpine/prebuilds/usr/sbin/install_pkg +++ b/alpine/prebuilds/usr/sbin/install_pkg @@ -1,19 +1,21 @@ #!/bin/sh +# Ver: 1.0 by Endial Fang (endial@126.com) +# # shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行) set -eux print_usage() { - LOG "Usage: install_pkg " - LOG "" - LOG "Download and install packages" - LOG "" - LOG "Options:" - LOG " -h, --help Show this help message and exit." - LOG "" - LOG "Examples:" - LOG " - Unpack package" - LOG " \$ install_pkg bash curl" - LOG "" + echo "Usage: install_pkg " + echo "" + echo "Download and install packages" + echo "" + echo "Options:" + echo " -h, --help Show this help message and exit." + echo "" + echo "Examples:" + echo " - Unpack package" + echo " \$ install_pkg bash curl" + echo "" } if [ $# -lt 1 ]; then diff --git a/customer/usr/sbin/create_user b/customer/usr/sbin/create_user index 1cd2f93..f5be01e 100755 --- a/customer/usr/sbin/create_user +++ b/customer/usr/sbin/create_user @@ -4,5 +4,6 @@ set -eux groupadd --gid 998 --system builder useradd --gid 998 --uid 999 --shell /bin/bash --home /srv/data --system builder +# 如果需要 sudo 权限,需要安装 su 软件包:apk add sudo sed -i -e 's/^\sDefaults\s*secure_path\s*=/# Defaults secure_path=/' /etc/sudoers echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers \ No newline at end of file diff --git a/prebuilds/usr/local/scripts/helpers b/prebuilds/usr/local/scripts/helpers deleted file mode 100644 index a4179aa..0000000 --- a/prebuilds/usr/local/scripts/helpers +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -# Ver: 1.0 by Endial Fang (endial@126.com) - -. /usr/local/scripts/functions - diff --git a/prebuilds/usr/local/scripts/libcommon.sh b/prebuilds/usr/local/scripts/libcommon.sh new file mode 100644 index 0000000..4b10d1f --- /dev/null +++ b/prebuilds/usr/local/scripts/libcommon.sh @@ -0,0 +1,119 @@ +#!/bin/bash +# Ver: 1.3 by Endial Fang (endial@126.com) +# +# 通用函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 打印包含包含Logo的欢迎信息 +print_welcome_info() { + [[ -n "${APP_NAME}" ]] && github_url="/docker-${APP_NAME}" + + LOG_I ' ____ _ ' + LOG_I ' / ___|___ | | _____ ___ _ ' + LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME:-undefined}${RESET}" + LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION:-0.0}${RESET}" + LOG_I ' \____\___/|_|\___/ \_/ \__,_| '"PowerBy: ${BOLD}Endial@126.com${RESET}" + LOG_D " Project Repo: https://github.com/colovu/${github_url:-}" + LOG_I "" +} + +# 根据需要打印欢迎信息 +print_image_welcome() { + if [[ "$(id -u)" = "0" ]]; then + print_welcome_info + fi +} + +# 检测可能导致容器执行后直接退出的命令,如"--help";如果存在,直接返回 0 +# 参数: +# $1 - 待检测的参数表 +print_command_help() { + local arg + for arg; do + case "$arg" in + -'?'|--help|-V|--version) + exec "${APP_EXEC:-/bin/bash}" "${arg}" + exit + ;; + esac + done +} + +# 检测应用相应的配置文件是否存在,如果不存在,则从默认配置文件目录拷贝一份 +# 默认配置文件路径:/etc/${APP_NAME} +# 目标配置文件路径:/srv/conf/${APP_NAME} +# 参数: +# $1 - 基础路径 +# $* - 基础路径下的文件及目录列表,以" "分割 +# 例子: +# ensure_config_file_exist /etc/${APP_NAME} conf.d server.conf +ensure_config_file_exist() { + local -r base_path="${1:?paths is missing}" + local f="" + local dist="" + + shift 1 + LOG_D "List to check: $@" + while [ "$#" -gt 0 ]; do + f="${1}" + LOG_D " Process \"${f}\"" + if [ -d "${base_path}/${f}" ]; then + dist="$(echo ${base_path}/${f} | sed -e 's/\/etc/\/srv\/conf/g')" + [[ ! -d "${dist}" ]] && LOG_D " Create directory: ${dist}" && mkdir -p "${dist}" + [[ ! -z $(ls -A "${base_path}/${f}") ]] && ensure_config_file_exist "${base_path}/${f}" $(ls -A "${base_path}/${f}") + else + dist="$(echo ${base_path}/${f} | sed -e 's/\/etc/\/srv\/conf/g')" + [[ ! -e "${dist}" ]] && LOG_D " Copy: ${base_path}/${f} ===> ${dist}" && cp "${base_path}/${f}" "${dist}" && rm -rf "/srv/conf/${APP_NAME}/.app_init_flag" + fi + shift + done +} + +# 根据脚本扩展名及权限,执行相应的初始化脚本 +# 参数: +# $1 - 文件列表,支持路径通配符 +# 使用: +# process_init_files [file [file [...]]] +# 例子: +# process_init_files /src/conf/${APP_NAME}/initdb.d/* +process_init_files() { + echo + local f + for f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + LOG_I "$0: running $f" + "$f" + else + LOG_I "$0: sourcing $f" + . "$f" + fi + ;; + *) LOG_W "$0: ignoring $f" ;; + esac + echo + done +} + +# 检测当前是否为 root 用户 +is_root() { + if [[ "$(id -u)" = "0" ]]; then + LOG_D "Run as root." + true + else + LOG_D "Run as non-root: $(id -u)" + false + fi +} + +# 检测当前脚本是被直接执行的,还是从其他脚本中使用 "source" 调用的 +is_sourced() { + [ "${#FUNCNAME[@]}" -ge 2 ] \ + && [ "${FUNCNAME[0]}" = 'is_sourced' ] \ + && [ "${FUNCNAME[1]}" = 'source' ] +} diff --git a/prebuilds/usr/local/scripts/libfile.sh b/prebuilds/usr/local/scripts/libfile.sh new file mode 100644 index 0000000..1e664c1 --- /dev/null +++ b/prebuilds/usr/local/scripts/libfile.sh @@ -0,0 +1,78 @@ +#!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# +# 文件操作函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测"*_FILE"文件,并从文件中读取信息作为参数值;环境变量不允许 VAR 与 VAR_FILE 方式并存 +# 变量: +# $1 - 需要设置的环境变量名称 +# $2 - 该变量对应的默认值(Option) +# +# 使用: file_env ENV_VAR [DEFAULT] +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + LOG_E "Both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + + export "$var"="$val" + unset "$fileVar" +} + +# 使用规则表达式在文件中替换数据 +# 参数: +# $1 - 文件名 +# $2 - 正则表达式 +# $3 - 替代数据表达式 +# $4 - 是否使用POSIX表达式. Default: true +replace_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local substitute_regex="${3:?substitute regex is required}" + local posix_regex=${4:-true} + + local result + + # 因部分系统兼容性问题,需要防止使用 'sed in-place' 方式操作 + if [[ $posix_regex = true ]]; then + result="$(sed -E "s@$match_regex@$substitute_regex@g" "$filename")" + else + result="$(sed "s@$match_regex@$substitute_regex@g" "$filename")" + fi + echo "$result" > "$filename" +} + +# 使用规则表达式在文件中删除数据 +# 参数: +# $1 - 文件名 +# $2 - 正则表达式 +# $3 - 是否使用POSIX表达式. Default: true +remove_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local posix_regex=${3:-true} + local result + + # 因部分系统兼容性问题,需要防止使用 'sed in-place' 方式操作 + if [[ $posix_regex = true ]]; then + result="$(sed -E "/$match_regex/d" "$filename")" + else + result="$(sed "/$match_regex/d" "$filename")" + fi + echo "$result" > "$filename" +} diff --git a/prebuilds/usr/local/scripts/libfs.sh b/prebuilds/usr/local/scripts/libfs.sh new file mode 100644 index 0000000..1f3c60d --- /dev/null +++ b/prebuilds/usr/local/scripts/libfs.sh @@ -0,0 +1,107 @@ +#!/bin/bash +# Ver: 1.1 by Endial Fang (endial@126.com) +# +# 文件管理函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测目录是否存在,如果不存在则创建,同时修改为指定的用户 +# 参数: +# $1 - 目录路径 +# $2 - 用户 +ensure_dir_exists() { + local dir="${1:?directory is missing}" + local owner="${2:-}" + + mkdir -p "${dir}" + if [[ -n $owner ]]; then + chown "$owner":"$owner" "$dir" + fi +} + +# 检测目录是否存在或为空 +# 参数: +# $1 - 目录路径 +is_dir_empty() { + local dir="${1:?missing directory}" + + if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then + true + else + false + fi +} + +# 循环设置目录中子目录及文件权限 +# 参数: +# $1 - paths (as a string). +# Flags: +# -f|--file-mode - 文件权限模式 +# -d|--dir-mode - 目录权限模式 +# -u|--user - 用户 +# -g|--group - 用户组 +configure_permissions_ownership() { + local -r paths="${1:?paths is missing}" + local dir_mode="" + local file_mode="" + local user="" + local group="" + + # Validate arguments + shift 1 + while [ "$#" -gt 0 ]; do + case "$1" in + -f|--file-mode) + shift + file_mode="${1:?missing mode for files}" + ;; + -d|--dir-mode) + shift + dir_mode="${1:?missing mode for directories}" + ;; + -u|--user) + shift + user="${1:?missing user}" + ;; + -g|--group) + shift + group="${1:?missing group}" + ;; + *) + LOG_E "Invalid command line flag $1" >&2 + return 1 + ;; + esac + shift + done + + read -r -a filepaths <<< "$paths" + for p in "${filepaths[@]}"; do + if [[ -e "$p" ]]; then + LOG_D "Check $p" + if [[ -n ${dir_mode} ]]; then + LOG_D "Change permissions to ${dir_mode} of directories in $p" + find -L "$p" -type d -print | xargs -i chmod "${dir_mode}" '{}' + fi + if [[ -n ${file_mode} ]]; then + LOG_D "Change permissions to ${file_mode} of files in $p" + find -L "$p" -type f -print | xargs -i chmod "${file_mode}" '{}' + fi + if [[ -n $user ]] && [[ -n ${group} ]]; then + LOG_D "Change ownership to ${user}:${group} of files and directories in $p" + find -L "$p" \( \! -user ${user} -or \! -group ${group} \) -print | xargs -i chown -L "${user}":"${group}" '{}' + elif [[ -n $user ]] && [[ -z $group ]]; then + LOG_D "Change user to ${user} of files and directories in $p" + find -L "$p" \! -user ${user} -print | xargs -i chown -L "${user}" '{}' + elif [[ -z $user ]] && [[ -n $group ]]; then + LOG_D "Change group to ${group} of files and directories in $p" + find -L "$p" \! -group ${group} -print | xargs -i chgrp -L "${group}" '{}' + fi + else + LOG_E "$p does not exist" + fi + done +} diff --git a/prebuilds/usr/local/scripts/functions b/prebuilds/usr/local/scripts/liblog.sh similarity index 52% rename from prebuilds/usr/local/scripts/functions rename to prebuilds/usr/local/scripts/liblog.sh index 0f6807d..09b4933 100644 --- a/prebuilds/usr/local/scripts/functions +++ b/prebuilds/usr/local/scripts/liblog.sh @@ -1,7 +1,7 @@ #!/bin/bash -# Ver: 1.0 by Endial Fang (endial@126.com) +# Ver: 1.1 by Endial Fang (endial@126.com) -[[ ${ENV_DEBUG:-false} = true ]] && set -x +#[[ ${ENV_DEBUG:-false} = true ]] && set -x MODULE="$(basename "$0")" @@ -40,7 +40,8 @@ stderr_print() { # $1 - 日志类型 # $2 - 日志信息 LOG() { - stderr_print "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" + #stderr_print "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" + printf "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}%s}${RESET} %b\n" "$(date "+%T")" "${*}" } # 输出调试类日志信息,尽量少使用 @@ -51,7 +52,7 @@ LOG_D() { local -r bool="${ENV_DEBUG:-false}" shopt -s nocasematch if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - LOG "${BLUE}DEBUG${RESET} ==> ${*}" + LOG "${BLUE}DBG${RESET}: ${*}" fi } @@ -60,7 +61,7 @@ LOG_D() { # $1 - 日志类型 # $2 - 日志信息 LOG_I() { - LOG "${GREEN}INFO ${RESET} ==> ${*}" + LOG "${GREEN}INF${RESET}: ${*}" } # 输出警告类日志信息至sterr @@ -68,7 +69,7 @@ LOG_I() { # $1 - 日志类型 # $2 - 日志信息 LOG_W() { - LOG "${YELLOW}WARN ${RESET} ==> ${*}" + LOG "${YELLOW}WRN${RESET}: ${*}" } # 输出错误类日志信息至sterr,并退出脚本 @@ -76,31 +77,5 @@ LOG_W() { # $1 - 日志类型 # $2 - 日志信息 LOG_E() { - LOG "${RED}ERROR${RESET} ==> ${*}" + LOG "${RED}ERR${RESET}: ${*}" } - -# 打印包含包含Logo的欢迎信息 -# 全局变量: -# APP_NAME -print_image_welcome_page() { - [[ -n "${APP_NAME}" ]] && github_url="/docker-${APP_NAME}" - - LOG_I ' ____ _ ' - LOG_I ' / ___|___ | | _____ ___ _ ' - LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME:-undefined}${RESET}" - LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION:-0.0}${RESET}" - LOG_I ' \____\___/|_|\___/ \_/ \__,_| '"PowerBy: ${BOLD}Endial@126.com${RESET}" - LOG_D " Project Repo: https://github.com/colovu/${github_url}" - LOG_I "" - -} - -# 根据需要打印欢迎信息 -# 全局变量: -# ENV_DISABLE_WELCOME_MESSAGE -# APP_NAME -docker_print_welcome() { - if [[ "$(id -u)" = "0" ]]; then - print_image_welcome_page - fi -} \ No newline at end of file diff --git a/prebuilds/usr/local/scripts/libos.sh b/prebuilds/usr/local/scripts/libos.sh new file mode 100644 index 0000000..047fa9d --- /dev/null +++ b/prebuilds/usr/local/scripts/libos.sh @@ -0,0 +1,109 @@ +#!/bin/bash +# Ver: 1.2 by Endial Fang (endial@126.com) +# +# 操作系统控制函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测指定用户账户是否存在 +# 参数: +# $1 - 用户账户 +user_exists() { + local user="${1:?user is missing}" + id "$user" >/dev/null 2>&1 +} + +# 检测指定用户分组是否存在 +# 参数: +# $1 - 用户组 +group_exists() { + local group="${1:?group is missing}" + getent group "$group" >/dev/null 2>&1 +} + +# 获取系统可用内存大小(MB)信息 +get_total_memory() { + echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) +} + +# 获取以定量方式描述的内存大小 +# 参数: +# $1 - 内存大小 (MB,可选) +get_machine_size() { + local memory="${1:-}" + if [[ -z "$memory" ]]; then + debug "Memory was not specified, detecting available memory automatically" + memory="$(get_total_memory)" + fi + sanitized_memory=$(convert_to_mb "$memory") + if [[ "$sanitized_memory" -gt 26000 ]]; then + echo 2xlarge + elif [[ "$sanitized_memory" -gt 13000 ]]; then + echo xlarge + elif [[ "$sanitized_memory" -gt 6000 ]]; then + echo large + elif [[ "$sanitized_memory" -gt 3000 ]]; then + echo medium + elif [[ "$sanitized_memory" -gt 1500 ]]; then + echo small + else + echo micro + fi +} + +# 获取已定义的所有内存大小描述 +get_supported_machine_sizes() { + echo micro small medium large xlarge 2xlarge +} + +# 将以字符串表示的内存大小转换为以MB为单位的内存大小值 (i.e. 2G -> 2048) +# 参数: +# $1 - 内存大小 +convert_to_mb() { + local amount="${1:-}" + if [[ $amount =~ ^([0-9]+)(M|G) ]]; then + size="${BASH_REMATCH[1]}" + unit="${BASH_REMATCH[2]}" + if [[ "$unit" = "G" ]]; then + amount="$((size * 1024))" + else + amount="$size" + fi + fi + echo "$amount" +} + +# 如果禁用调试模式,将输出信息重定向至 /dev/null +# 参数: +# $@ - 待执行的命令 +debug_execute() { + local -r bool="${ENV_DEBUG:-false}" + shopt -s nocasematch + if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + "$@" + else + "$@" >/dev/null 2>&1 + fi +} + +# 重试执行命令 +# 参数: +# $1 - cmd (as a string) +# $2 - 最大尝试次数. Default: 12 +# $3 - 重试前等待时间(秒). Default: 5 +retry_while() { + local -r cmd="${1:?cmd is missing}" + local -r retries="${2:-12}" + local -r sleep_time="${3:-5}" + local return_value=1 + + read -r -a command <<< "$cmd" + for ((i = 1 ; i <= retries ; i+=1 )); do + "${command[@]}" && return_value=0 && break + sleep "$sleep_time" + done + return $return_value +} diff --git a/prebuilds/usr/local/scripts/libservice.sh b/prebuilds/usr/local/scripts/libservice.sh new file mode 100644 index 0000000..bbf90b4 --- /dev/null +++ b/prebuilds/usr/local/scripts/libservice.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# +# 服务管理函数库 + +# shellcheck disable=SC1091 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 获取并返回服务 PID +# 参数: +# $1 - PID 文件 +get_pid_from_file() { + local pid_file="${1:?pid file is missing}" + + if [[ -f "$pid_file" ]]; then + if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then + echo "$(< "$pid_file")" + fi + fi +} + +# 检测 PID 对应的服务是否在运行中 +# 参数: +# $1 - PID +is_service_running() { + local pid="${1:?pid is missing}" + + kill -0 "$pid" 2>/dev/null +} + +# 通过发送信号停止一个指定的服务 +# 参数: +# $1 - PID 文件 +# $2 - 信号 (可选) +stop_service_using_pid() { + local pid_file="${1:?pid file is missing}" + local signal="${2:-}" + local pid + + pid="$(get_pid_from_file "$pid_file")" + [[ -z "$pid" ]] || ! is_service_running "$pid" && return + + if [[ -n "$signal" ]]; then + kill "-${signal}" "$pid" + else + kill "$pid" + fi + + local counter=10 + while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do + sleep 1 + counter=$((counter - 1)) + done +} + +# 生成一个 Logrotate 配置文件 +# 参数: +# $1 - 应用名称 +# $2 - 日志路径及日志文件名 +# $3 - 周期 +# $4 - Rotations 存储的数量 +# $5 - 其他参数 (可选) +generate_logrotate_conf() { + local service_name="${1:?service name is missing}" + local log_path="${2:?log path is missing}" + local period="${3:-weekly}" + local rotations="${4:-150}" + local extra_options="${5:-}" + local logrotate_conf_dir="/etc/logrotate.d" + + mkdir -p "$logrotate_conf_dir" + cat >"${logrotate_conf_dir}/${service_name}" <<-'EOF' + ${log_path} { + ${period} + rotate ${rotations} + dateext + compress + copytruncate + missingok + ${extra_options} + } +EOF +} diff --git a/prebuilds/usr/local/scripts/libvalidations.sh b/prebuilds/usr/local/scripts/libvalidations.sh new file mode 100644 index 0000000..be29b14 --- /dev/null +++ b/prebuilds/usr/local/scripts/libvalidations.sh @@ -0,0 +1,213 @@ +#!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# +# 数据有效性校验函数库 + +# 加载依赖项 +. /usr/local/scripts/liblog.sh # 日志输出函数库 + +# 函数列表 + +# 检测数据是否为整数 +# 参数: +# $1 - 待检测的数据 +is_int() { + local -r int="${1:?missing value}" + if [[ "$int" =~ ^-?[0-9]+ ]]; then + true + else + false + fi +} + +# 检测数据是否为正整数 +# 参数: +# $1 - 待检测的数据 +is_positive_int() { + local -r int="${1:?missing value}" + if is_int "$int" && (( "${int}" >= 0 )); then + true + else + false + fi +} + +# 检测数据是否为布尔值 '1' 或字符串 'yes/true' +# 参数: +# $1 - 待检测的数据 +is_boolean_yes() { + local -r bool="${1:-}" + # comparison is performed without regard to the case of alphabetic characters + shopt -s nocasematch + if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then + true + else + false + fi +} + +# 检测数据是否为字符串 'yes/no' +# 参数: +# $1 - 待检测的数据 +is_yes_no_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^(yes|no)$ ]]; then + true + else + false + fi +} + +# 检测数据是否为字符串 'true/false' +# 参数: +# $1 - 待检测的数据 +is_true_false_value() { + local -r bool="${1:-}" + if [[ "$bool" =~ ^(true|false)$ ]]; then + true + else + false + fi +} + +# 检测提供的参数是否为空字符串或未定义 +# 参数: +# $1 - 待检测的数据 +is_empty_value() { + local -r val="${1:-}" + if [[ -z "$val" ]]; then + true + else + false + fi +} + +# 检测数据是否为有效的端口号 +# 参数: +# $1 - 待检测的数据 +# 返回值: +# 布尔值 或 错误消息 +validate_port() { + local value + local unprivileged=0 + + # Parse flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -unprivileged) + unprivileged=1 + ;; + --) + shift + break + ;; + -*) + LOG_E "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + if [[ "$#" -gt 1 ]]; then + LOG_E "too many arguments provided" + return 2 + elif [[ "$#" -eq 0 ]]; then + LOG_E "missing port argument" + return 1 + else + value=$1 + fi + + if [[ -z "$value" ]]; then + LOG_E "the value is empty" + return 1 + else + if ! is_int "$value"; then + LOG_W "value is not an integer" + return 2 + elif [[ "$value" -lt 0 ]]; then + LOG_W "negative value provided" + return 2 + elif [[ "$value" -gt 65535 ]]; then + LOG_W "requested port is greater than 65535" + return 2 + elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then + LOG_W "privileged port requested" + return 3 + fi + fi +} + +# 检测数据是否为有效的IPv4地址 +# 参数: +# $1 - 待检测的数据 +validate_ipv4() { + local ip="${1:?ip is missing}" + local stat=1 + + if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then + read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" + [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ + && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] + stat=$? + fi + return $stat +} + +# 校验字符串格式 +# 参数: +# $1 - 待检测的数据 +validate_string() { + local string + local min_length=-1 + local max_length=-1 + + # Parse flags + while [ "$#" -gt 0 ]; do + case "$1" in + -min-length) + shift + min_length=${1:-} + ;; + -max-length) + shift + max_length=${1:-} + ;; + --) + shift + break + ;; + -*) + LOG_E "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + if [ "$#" -gt 1 ]; then + LOG_E "too many arguments provided" + return 2 + elif [ "$#" -eq 0 ]; then + LOG_W "missing string" + return 1 + else + string=$1 + fi + + if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then + LOG_I "string length is less than $min_length" + return 1 + fi + if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then + LOG_I "string length is great than $max_length" + return 1 + fi +} \ No newline at end of file diff --git a/prebuilds/usr/sbin/download_pkg b/prebuilds/usr/sbin/download_pkg index b216ec7..6f1ad7d 100755 --- a/prebuilds/usr/sbin/download_pkg +++ b/prebuilds/usr/sbin/download_pkg @@ -1,6 +1,9 @@ #!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# # shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行) -. /usr/local/scripts/functions +set -eux +. /usr/local/scripts/liblog.sh print_usage() { LOG "Usage: download_pkg \"\" [OPTIONS]" @@ -139,8 +142,8 @@ fi # 安装或解压软件 case "$1" in install) - cp $CACHE_ROOT/$PACKAGE /usr/local/bin/ LOG_I "Installing $PACKAGE" + cp $CACHE_ROOT/$PACKAGE /usr/local/bin/ ;; unpack) if ! tar tzf $CACHE_ROOT/$PACKAGE >/dev/null 2>&1; then @@ -151,7 +154,7 @@ case "$1" in if which bsdtar >/dev/null 2>&1; then bsdtar -xf $CACHE_ROOT/$PACKAGE else - tar xzf $CACHE_ROOT/$PACKAGE + tar xzf $CACHE_ROOT/$PACKAGE --no-same-owner fi ;; esac diff --git a/prebuilds/usr/sbin/install_pkg b/prebuilds/usr/sbin/install_pkg index b2d749f..45b17cb 100755 --- a/prebuilds/usr/sbin/install_pkg +++ b/prebuilds/usr/sbin/install_pkg @@ -1,19 +1,21 @@ #!/bin/bash +# Ver: 1.0 by Endial Fang (endial@126.com) +# # shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行) set -eux print_usage() { - LOG "Usage: install_pkg " - LOG "" - LOG "Download and install packages" - LOG "" - LOG "Options:" - LOG " -h, --help Show this help message and exit." - LOG "" - LOG "Examples:" - LOG " - Unpack package" - LOG " \$ install_pkg bash curl" - LOG "" + echo "Usage: install_pkg " + echo "" + echo "Download and install packages" + echo "" + echo "Options:" + echo " -h, --help Show this help message and exit." + echo "" + echo "Examples:" + echo " - Unpack package" + echo " \$ install_pkg bash curl" + echo "" } if [ $# -lt 1 ]; then @@ -33,6 +35,7 @@ max=2 until [ $retry -gt $max ]; do set +e ( + export DEBIAN_FRONTEND=noninteractive && apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends "$@"