docker/template
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[fix:alpine]梳理脚本

Browse Source
This commit is contained in:
房振会
2020-09-09 22:13:34 +08:00
parent fb8f95b295
commit 336e076dd9
25 changed files with 1703 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
alpine/Dockerfile
+102
View File
@@ -0,0 +1,102 @@
# Ver: 1.2 by Endial Fang (endial@126.com)
#
# 预处理 =========================================================================
FROM colovu/abuilder as builder
# sources.list 可使用版本:default / tencent / ustc / aliyun / huawei
ARG apt_source=default
# 编译镜像时指定用于加速的本地服务器地址
ARG local_url=""
WORKDIR /usr/local
RUN select_source ${apt_source};
# 下载并解压软件包
#RUN set -eux; \
# appVersion=1.12; \
# appName=gosu-"$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
# appKeys="0xB42F6819007F00F88E364FD4036A9C25BF357DD4"; \
# [ ! -z ${local_url} ] && localURL=${local_url}/gosu; \
# appUrls="${localURL:-} \
# https://github.com/tianon/gosu/releases/download/${appVersion} \
# "; \
# download_pkg install ${appName} "${appUrls}" -g "${appKeys}"; \
# chmod +x /usr/local/bin/${appName};
# 源码编译软件包
#RUN set -eux; \
# 源码编译方式安装: 编译后将原始配置文件拷贝至 ${APP_DEF_DIR} 中
# APP_SRC="/usr/local/src/${APP_NAME}-${APP_VERSION}"; \
# mkdir -p ${APP_SRC}; \
# tar --extract --file "${DIST_NAME}" --directory "${APP_SRC}" --strip-components 1; \
# cd ${APP_SRC}; \
# ./configure ; \
# make -j "$(nproc)"; \
# make install; \
# cp -rf ./conf/* ${APP_DEF_DIR}/;
# 镜像生成 ========================================================================
FROM colovu/alpine:3.12
ARG apt_source=default
ARG local_url=""
ENV APP_NAME=test \
APP_USER=builder \
APP_EXEC=/bin/bash \
APP_VERSION=1.0.0
ENV APP_HOME_DIR=/usr/local/${APP_NAME} \
APP_DEF_DIR=/etc/${APP_NAME} \
APP_CONF_DIR=/srv/conf/${APP_NAME} \
APP_DATA_DIR=/srv/data/${APP_NAME} \
APP_DATA_LOG_DIR=/srv/datalog/${APP_NAME} \
APP_CACHE_DIR=/var/cache/${APP_NAME} \
APP_RUN_DIR=/var/run/${APP_NAME} \
APP_LOG_DIR=/var/log/${APP_NAME} \
APP_CERT_DIR=/srv/cert/${APP_NAME}
ENV \
PATH="${APP_HOME_DIR}/bin:${PATH}"
LABEL \
"Version"="v${APP_VERSION}" \
"Description"="Docker image for ${APP_NAME}(v${APP_VERSION})." \
"Dockerfile"="https://github.com/colovu/docker-${APP_NAME}" \
"Vendor"="Endial Fang (endial@126.com)"
COPY prebuilds /
COPY customer /
# 以包管理方式安装软件包(Optional)
#RUN select_source ${apt_source}
#RUN install_pkg bash tini sudo
RUN create_user && prepare_env
# 从预处理过程中拷贝软件包(Optional)
#COPY --from=0 /usr/local/bin/gosu-amd64 /usr/local/bin/gosu
#COPY --from=builder /usr/local/bin/gosu-amd64 /usr/local/bin/gosu
# 执行预处理脚本,并验证安装的软件包
RUN set -eux; \
override_file="/usr/local/overrides/overrides-${APP_VERSION}.sh"; \
[[ -e "${override_file}" ]] && /bin/bash "${override_file}"; \
gosu ${APP_USER} ${APP_EXEC} --version ; \
:;
# 默认提供的数据卷
VOLUME ["/srv/conf", "/srv/data", "/srv/datalog", "/srv/cert", "/var/log"]
# 默认使用gosu切换为新建用户启动,必须保证端口在1024之上
EXPOSE 8080
# 容器初始化命令,默认存放在:/usr/local/bin/entry.sh
ENTRYPOINT ["entry.sh"]
# 应用程序的服务命令,必须使用非守护进程方式运行。如果使用变量,则该变量必须在运行环境中存在(ENV可以获取)
CMD ["${APP_EXEC}"]
alpine/customer/usr/local/bin/appcommon.sh
+408
View File
@@ -0,0 +1,408 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用通用业务处理函数
# 加载依赖脚本
. /usr/local/scripts/libcommon.sh # 通用函数库
. /usr/local/scripts/libfile.sh
. /usr/local/scripts/libfs.sh
. /usr/local/scripts/libos.sh
. /usr/local/scripts/libservice.sh
. /usr/local/scripts/libvalidations.sh
# 函数列表
# 加载应用使用的环境变量初始值,该函数在相关脚本中以 eval 方式调用
# 全局变量:
# ENV_* : 容器使用的全局变量
# APP_* : 在镜像创建时定义的全局变量
# *_* : 应用配置文件使用的全局变量,变量名根据配置项定义
# 返回值:
# 可以被 'eval' 使用的序列化输出
app_env() {
cat <<-'EOF'
# Common Settings
export ENV_DEBUG=${ENV_DEBUG:-false}
# Paths configuration
# Application settings
# Cluster configuration
# TLS Settings
# JVM settings
# Authentication
EOF
# 利用 *_FILE 设置密码,不在配置命令中设置密码,增强安全性
if [[ -f "${APP_CLIENT_PASSWORD_FILE:-}" ]]; then
cat <<-'EOF'
export APP_CLIENT_PASSWORD="$(< "${APP_CLIENT_PASSWORD_FILE}")"
EOF
fi
}
# 使用环境变量中以 "APP_CFG_" 开头的的全局变量更新配置文件中对应项(全小写,以"."分隔)
# 举例:
# APP_CFG_LOG_DIRS 对应配置文件中的配置项:log.dirs
app_configure_from_env_variables() {
# Map environment variables to config properties
for var in "${!APP_CFG_@}"; do
key="$(echo "$var" | sed -e 's/^APP_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')"
value="${!var}"
app_conf_set "$key" "$value"
done
}
# 将变量配置更新至配置文件
# 参数:
# $1 - 文件
# $2 - 变量
# $3 - 值(列表)
app_common_conf_set() {
local file="${1:?missing file}"
local key="${2:?missing key}"
shift
shift
local values=("$@")
if [[ "${#values[@]}" -eq 0 ]]; then
LOG_E "missing value"
return 1
elif [[ "${#values[@]}" -ne 1 ]]; then
for i in "${!values[@]}"; do
app_common_conf_set "$file" "${key[$i]}" "${values[$i]}"
done
else
value="${values[0]}"
# Check if the value was set before
if grep -q "^[#\\s]*$key\s*=.*" "$file"; then
# Update the existing key
replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false
else
# 增加一个新的配置项;如果在其他位置有类似操作,需要注意换行
printf "%s=%s" "$key" "$value" >>"$file"
fi
fi
}
# 更新 server.properties 配置文件中指定变量值
# 变量:
# $1 - 变量
# $2 - 值(列表)
app_conf_set() {
app_common_conf_set "${APP_CONF_DIR}/zoo.cfg" "$@"
}
# 更新 log4j.properties 配置文件中指定变量值
# 变量:
# $1 - 变量
# $2 - 值(列表)
app_log4j_set() {
app_common_conf_set "${APP_CONF_DIR}/log4j.properties" "$@"
}
# 生成默认配置文件
app_generate_conf() {
# 准备原始默认配置文件或生成空文件
cp "${APP_CONF_DIR}/app_sample.cfg" "${APP_CONF_FILE}"
echo "">> "${APP_CONF_FILE}"
# 根据容器参数,设置配置文件
app_log4j_set "zookeeper.console.threshold" "${ZOO_LOG_LEVEL}"
app_log4j_set "zookeeper.log.dir" "${APP_LOG_DIR}"
}
# 设置环境变量 JVMFLAGS
# 参数:
# $1 - value
app_export_jvmflags() {
local -r value="${1:?value is required}"
export JVMFLAGS="${JVMFLAGS} ${value}"
echo "export JVMFLAGS=\"${JVMFLAGS}\"" > "${APP_CONF_DIR}/java.env"
}
# 配置 HEAP 大小
# 参数:
# $1 - HEAP 大小
app_configure_heap_size() {
local -r heap_size="${1:?heap_size is required}"
if [[ "${JVMFLAGS}" =~ -Xm[xs].*-Xm[xs] ]]; then
LOG_D "Using specified values (JVMFLAGS=${JVMFLAGS})"
else
LOG_D "Setting '-Xmx${heap_size}m -Xms${heap_size}m' heap options..."
app_export_jvmflags "-Xmx${heap_size}m -Xms${heap_size}m"
fi
}
# 检测用户参数信息是否满足条件; 针对部分权限过于开放情况,打印提示信息
app_verify_minimum_env() {
local error_code=0
LOG_D "Validating settings in APP_* env vars..."
print_validation_error() {
LOG_E "$1"
error_code=1
}
# 检测认证设置。如果不允许匿名登录,检测登录用户名及密码是否设置
# if is_boolean_yes "$ALLOW_ANONYMOUS_LOGIN"; then
# LOG_W "You have set the environment variable ALLOW_ANONYMOUS_LOGIN=${ALLOW_ANONYMOUS_LOGIN}. For safety reasons, do not use this flag in a production environment."
# elif ! is_boolean_yes "$ZOO_ENABLE_AUTH"; then
# print_validation_error "The ZOO_ENABLE_AUTH environment variable does not configure authentication. Set the environment variable ALLOW_ANONYMOUS_LOGIN=yes to allow unauthenticated users to connect to ZooKeeper."
# fi
# TODO: 其他参数检测
[[ "$error_code" -eq 0 ]] || exit "$error_code"
}
# 更改默认监听地址为 "*" 或 "0.0.0.0",以对容器外提供服务;默认配置文件应当为仅监听 localhost(127.0.0.1)
app_enable_remote_connections() {
LOG_D "Modify default config to enable all IP access"
}
# 检测依赖的服务端口是否就绪;该脚本依赖系统工具 'netcat'
# 参数:
# $1 - host:port
app_wait_service() {
local serviceport=${1:?Missing server info}
local service=${serviceport%%:*}
local port=${serviceport#*:}
local retry_seconds=5
local max_try=100
let i=1
if [[ -z "$(which nc)" ]]; then
LOG_E "Nedd nc installed before, command: \"apk add netcat-openbsd\"."
exit 1
fi
LOG_I "[0/${max_try}] check for ${service}:${port}..."
set +e
nc -z ${service} ${port}
result=$?
until [ $result -eq 0 ]; do
LOG_D " [$i/${max_try}] not available yet"
if (( $i == ${max_try} )); then
LOG_E "${service}:${port} is still not available; giving up after ${max_try} tries."
exit 1
fi
LOG_I "[$i/${max_try}] try in ${retry_seconds}s once again ..."
let "i++"
sleep ${retry_seconds}
nc -z ${service} ${port}
result=$?
done
set -e
LOG_I "[$i/${max_try}] ${service}:${port} is available."
}
# 以后台方式启动应用服务,并等待启动就绪
app_start_server_bg() {
is_app_server_running && return
LOG_I "Starting ${APP_NAME} in background..."
# 使用内置脚本启动服务
#local start_command="zkServer.sh start"
#if is_boolean_yes "${ENV_DEBUG}"; then
# $start_command &
#else
# $start_command >/dev/null 2>&1 &
#fi
# 使用内置命令启动服务
# if [[ "${ENV_DEBUG:-false}" = true ]]; then
# debug_execute "rabbitmq-server" &
#else
# debug_execute "rabbitmq-server" >/dev/null 2>&1 &
#fi
# 通过命令或特定端口检测应用是否就绪
LOG_I "Checking ${APP_NAME} ready status..."
# wait-for-port --timeout 60 "$ZOO_PORT_NUMBER"
LOG_D "${APP_NAME} is ready for service..."
}
# 停止应用服务
app_stop_server() {
is_app_server_running || return
LOG_I "Stopping ${APP_NAME}..."
# 使用 PID 文件 kill 进程
stop_service_using_pid "$APP_PID_FILE"
# 使用内置命令停止服务
#debug_execute "rabbitmqctl" stop
# 使用内置脚本关闭服务
#if [[ "$ENV_DEBUG" = true ]]; then
# "zkServer.sh" stop
#else
# "zkServer.sh" stop >/dev/null 2>&1
#fi
# 检测停止是否完成
local counter=10
while [[ "$counter" -ne 0 ]] && is_app_server_running; do
LOG_D "Waiting for ${APP_NAME} to stop..."
sleep 1
counter=$((counter - 1))
done
}
# 检测应用服务是否在后台运行中
is_app_server_running() {
LOG_D "Check if ${APP_NAME} is running..."
local pid
pid="$(get_pid_from_file '/var/run/${APP_NAME}/${APP_NAME}.pid')"
if [[ -z "${pid}" ]]; then
false
else
is_service_running "${pid}"
fi
}
# 清理初始化应用时生成的临时文件
app_clean_tmp_file() {
LOG_D "Clean ${APP_NAME} tmp files for init..."
}
# 在重新启动容器时,删除标志文件及必须删除的临时文件 (容器重新启动)
app_clean_from_restart() {
LOG_D "Clean ${APP_NAME} tmp files for restart..."
local -r -a files=(
"/var/run/${APP_NAME}/${APP_NAME}.pid"
)
for file in ${files[@]}; do
if [[ -f "$file" ]]; then
LOG_I "Cleaning stale $file file"
rm "$file"
fi
done
}
# 应用默认初始化操作
# 执行完毕后,生成文件 ${APP_CONF_DIR}/.app_init_flag 及 ${APP_DATA_DIR}/.data_init_flag 文件
app_default_init() {
app_clean_from_restart
LOG_D "Check init status of ${APP_NAME}..."
# 检测配置文件是否存在
if [[ ! -f "${APP_CONF_DIR}/.app_init_flag" ]]; then
LOG_I "No injected configuration file found, creating default config files..."
# TODO: 生成配置文件,并按照容器运行参数进行相应修改
touch ${APP_CONF_DIR}/.app_init_flag
echo "$(date '+%Y-%m-%d %H:%M:%S') : Init success." >> ${APP_CONF_DIR}/.app_init_flag
else
LOG_I "User injected custom configuration detected!"
fi
if [[ ! -f "${APP_DATA_DIR}/.data_init_flag" ]]; then
LOG_I "Deploying ${APP_NAME} from scratch..."
# 检测服务是否运行中如果未运行,则启动后台服务
is_app_server_running || app_start_server_bg
# TODO: 根据需要生成相应初始化数据
touch ${APP_DATA_DIR}/.data_init_flag
echo "$(date '+%Y-%m-%d %H:%M:%S') : Init success." >> ${APP_DATA_DIR}/.data_init_flag
else
LOG_I "Deploying ${APP_NAME} with persisted data..."
fi
}
# 用户自定义的前置初始化操作,依次执行目录 preinitdb.d 中的初始化脚本
# 执行完毕后,生成文件 ${APP_DATA_DIR}/.custom_preinit_flag
app_custom_preinit() {
LOG_D "Check custom pre-init status of ${APP_NAME}..."
# 检测用户配置文件目录是否存在 preinitdb.d 文件夹,如果存在,尝试执行目录中的初始化脚本
if [ -d "/srv/conf/${APP_NAME}/preinitdb.d" ]; then
# 检测数据存储目录是否存在已初始化标志文件;如果不存在,检索可执行脚本文件并进行初始化操作
if [[ -n $(find "/srv/conf/${APP_NAME}/preinitdb.d/" -type f -regex ".*\.\(sh\)") ]] && \
[[ ! -f "${APP_DATA_DIR}/.custom_preinit_flag" ]]; then
LOG_I "Process custom pre-init scripts from /srv/conf/${APP_NAME}/preinitdb.d..."
# 检索所有可执行脚本,排序后执行
find "/srv/conf/${APP_NAME}/preinitdb.d/" -type f -regex ".*\.\(sh\)" | sort | process_init_files
touch ${APP_DATA_DIR}/.custom_preinit_flag
echo "$(date '+%Y-%m-%d %H:%M:%S') : Init success." >> ${APP_DATA_DIR}/.custom_preinit_flag
LOG_I "Custom preinit for ${APP_NAME} complete."
else
LOG_I "Custom preinit for ${APP_NAME} already done before, skipping initialization."
fi
fi
# 检测依赖的服务是否就绪
#for i in ${SERVICE_PRECONDITION[@]}; do
# app_wait_service "${i}"
#done
}
# 用户自定义的应用初始化操作,依次执行目录initdb.d中的初始化脚本
# 执行完毕后,生成文件 ${APP_DATA_DIR}/.custom_init_flag
app_custom_init() {
LOG_D "Check custom init status of ${APP_NAME}..."
# 检测用户配置文件目录是否存在 initdb.d 文件夹,如果存在,尝试执行目录中的初始化脚本
if [ -d "/srv/conf/${APP_NAME}/initdb.d" ]; then
# 检测数据存储目录是否存在已初始化标志文件;如果不存在,检索可执行脚本文件并进行初始化操作
if [[ -n $(find "/srv/conf/${APP_NAME}/initdb.d/" -type f -regex ".*\.\(sh\|sql\|sql.gz\)") ]] && \
[[ ! -f "${APP_DATA_DIR}/.custom_init_flag" ]]; then
LOG_I "Process custom init scripts from /srv/conf/${APP_NAME}/initdb.d..."
# 检测服务是否运行中;如果未运行,则启动后台服务
is_app_server_running || app_start_server_bg
# 检索所有可执行脚本,排序后执行
find "/srv/conf/${APP_NAME}/initdb.d/" -type f -regex ".*\.\(sh\|sql\|sql.gz\)" | sort | while read -r f; do
case "$f" in
*.sh)
if [[ -x "$f" ]]; then
LOG_D "Executing $f"; "$f"
else
LOG_D "Sourcing $f"; . "$f"
fi
;;
#*.sql) LOG_D "Executing $f"; postgresql_execute "$PG_DATABASE" "$PG_INITSCRIPTS_USERNAME" "$PG_INITSCRIPTS_PASSWORD" < "$f";;
#*.sql.gz) LOG_D "Executing $f"; gunzip -c "$f" | postgresql_execute "$PG_DATABASE" "$PG_INITSCRIPTS_USERNAME" "$PG_INITSCRIPTS_PASSWORD";;
*) LOG_D "Ignoring $f" ;;
esac
done
touch ${APP_DATA_DIR}/.custom_init_flag
echo "$(date '+%Y-%m-%d %H:%M:%S') : Init success." >> ${APP_DATA_DIR}/.custom_init_flag
LOG_I "Custom init for ${APP_NAME} complete."
else
LOG_I "Custom init for ${APP_NAME} already done before, skipping initialization."
fi
fi
# 检测服务是否运行中;如果运行,则停止后台服务
is_app_server_running && app_stop_server
# 删除第一次运行生成的临时文件
app_clean_tmp_file
# 绑定所有 IP ,启用远程访问
app_enable_remote_connections
}
alpine/customer/usr/local/bin/entry.sh
Executable
+34
View File
@@ -0,0 +1,34 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 容器入口脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing entry.sh **"
if ! is_sourced; then
# 替换命令行中的变量
set -- $(eval echo "$@")
[ "${1:0:1}" = '-' ] && set -- "${APP_EXEC:-}" "$@"
print_image_welcome
print_command_help "$@"
if [ "$1" = "${APP_EXEC}" ] && is_root; then
/usr/local/bin/setup.sh
LOG_I "Restart with non-root user: ${APP_USER:-APP_NAME}\n"
exec gosu "${APP_USER:-APP_NAME}" "$0" "$@"
fi
LOG_I "Start container with command: $@"
exec tini -- "$@"
fi
alpine/customer/usr/local/bin/init.sh
Executable
+25
View File
@@ -0,0 +1,25 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用初始化脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing init.sh **"
# 执行应用预初始化操作
app_custom_preinit
# 执行应用初始化操作
app_default_init
# 执行用户自定义初始化脚本
app_custom_init
LOG_I "** Processing init.sh finished! **"
alpine/customer/usr/local/bin/run.sh
Executable
+25
View File
@@ -0,0 +1,25 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用启动脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing run.sh **"
flags=("${APP_CONF_FILE:-}")
[[ -z "${APP_EXTRA_FLAGS:-}" ]] || flags=("${flags[@]}" "${APP_EXTRA_FLAGS[@]}")
START_COMMAND=("${APP_EXEC:-/bin/bash}" "${flags[@]}")
LOG_I "** Starting ${APP_NAME} **"
if is_root; then
exec gosu "${APP_USER:-APP_NAME}" tini -s -- "${START_COMMAND[@]}"
else
exec tini -s -- "${START_COMMAND[@]}"
fi
alpine/customer/usr/local/bin/setup.sh
Executable
+37
View File
@@ -0,0 +1,37 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用环境及依赖文件设置脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing setup.sh **"
APP_DIRS="${APP_CONF_DIR:-} ${APP_DATA_DIR:-} ${APP_LOG_DIR:-} ${APP_CERT_DIR:-} ${APP_DATA_LOG_DIR:-}"
for dir in ${APP_DIRS}; do
ensure_dir_exists ${dir}
done
app_verify_minimum_env
# 检测指定文件是否在配置文件存储目录存在,如果不存在则拷贝(新挂载数据卷、手动删除都会导致不存在)
LOG_I "Check config files in: ${APP_CONF_DIR}"
if [[ ! -z "$(ls -A "${APP_DEF_DIR}")" ]]; then
ensure_config_file_exist "${APP_DEF_DIR}" $(ls -A "${APP_DEF_DIR}")
fi
for dir in ${APP_DIRS}; do
configure_permissions_ownership "$dir" -u "${APP_USER}" -g "${APP_USER}"
done
# 解决使用gosu后,nginx: [emerg] open() "/dev/stdout" failed (13: Permission denied)
LOG_D "Change permissions of stdout/stderr to 0622"
chmod 0622 /dev/stdout /dev/stderr
LOG_I "** Processing setup.sh finished! **"
alpine/customer/usr/local/overrides/overrides-x.x.x.sh
+11
View File
@@ -0,0 +1,11 @@
#!/bin/bash -e
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 在安装完应用后,使用该脚本修改默认配置文件中部分配置项; 如果相应的配置项已经定义为容器环境变量,则不需要在这里修改
# 定义要修改的文件
CONF_FILE="${APP_DEF_DIR}/config/server.properties"
echo "Process overrides for: ${CONF_FILE}"
#sed -i -E 's/^listeners=/d' "${CONF_FILE}"
#sed -i -E 's/^log.dirs=\/tmp\/kafka-logs*/log.dirs=\/var\/log\/kafka/g' "${CONF_FILE}"
alpine/customer/usr/sbin/create_user
Executable
+9
View File
@@ -0,0 +1,9 @@
#!/bin/bash
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
addgroup -g 998 -S ${APP_USER}
adduser -g 998 -u 999 -s /bin/bash -h ${APP_DATA_DIR} -D -S ${APP_USER}
# 如果需要 sudo 权限,需要安装 su 软件包:apk add sudo
#sed -i -e 's/^\sDefaults\s*secure_path\s*=/# Defaults secure_path=/' /etc/sudoers
#echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
alpine/customer/usr/sbin/prepare_env
Executable
+8
View File
@@ -0,0 +1,8 @@
#!/bin/bash
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
APP_DIRS="${APP_DEF_DIR:-} ${APP_CONF_DIR:-} ${APP_DATA_DIR:-} ${APP_CACHE_DIR:-} ${APP_RUN_DIR:-} ${APP_LOG_DIR:-} ${APP_CERT_DIR:-} ${APP_HOME_DIR:-}"
mkdir -p ${APP_DIRS}
chown -Rf ${APP_USER}:${APP_USER} ${APP_DIRS};
alpine/prebuilds/etc/apk/repositories.aliyun
+2
View File
@@ -0,0 +1,2 @@
http://mirrors.aliyun.com/alpine/v3.12/main
http://mirrors.aliyun.com/alpine/v3.12/community
alpine/prebuilds/etc/apk/repositories.default
+2
View File
@@ -0,0 +1,2 @@
http://dl-cdn.alpinelinux.org/alpine/v3.12/main
http://dl-cdn.alpinelinux.org/alpine/v3.12/community
alpine/prebuilds/etc/apk/repositories.huawei
+2
View File
@@ -0,0 +1,2 @@
http://mirrors.huaweicloud.com/alpine/v3.12/main
http://mirrors.huaweicloud.com/alpine/v3.12/community
alpine/prebuilds/etc/apk/repositories.tencent
+2
View File
@@ -0,0 +1,2 @@
http://mirrors.cloud.tencent.com/alpine/v3.12/main
http://mirrors.cloud.tencent.com/alpine/v3.12/community
alpine/prebuilds/etc/apk/repositories.ustc
+2
View File
@@ -0,0 +1,2 @@
http://mirrors.ustc.edu.cn/alpine/v3.12/main
http://mirrors.ustc.edu.cn/alpine/v3.12/community
alpine/prebuilds/usr/local/license/LICENSE
+21
View File
@@ -0,0 +1,21 @@
MIT License
Copyright (c) 2020 Endial Fang (endial@126.com)
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
alpine/prebuilds/usr/local/scripts/libcommon.sh
+119
View File
@@ -0,0 +1,119 @@
#!/bin/bash
# Ver: 1.3 by Endial Fang (endial@126.com)
#
# 通用函数库
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 打印包含包含Logo的欢迎信息
print_welcome_info() {
[[ -n "${APP_NAME}" ]] && github_url="/docker-${APP_NAME}"
LOG_I ' ____ _ '
LOG_I ' / ___|___ | | _____ ___ _ '
LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME:-undefined}${RESET}"
LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION:-0.0}${RESET}"
LOG_I ' \____\___/|_|\___/ \_/ \__,_| '"PowerBy: ${BOLD}Endial@126.com${RESET}"
LOG_D " Project Repo: https://github.com/colovu/${github_url:-}"
LOG_I ""
}
# 根据需要打印欢迎信息
print_image_welcome() {
if [[ "$(id -u)" = "0" ]]; then
print_welcome_info
fi
}
# 检测可能导致容器执行后直接退出的命令,如"--help";如果存在,直接返回 0
# 参数:
# $1 - 待检测的参数表
print_command_help() {
local arg
for arg; do
case "$arg" in
-'?'|--help|-V|--version)
exec "${APP_EXEC:-/bin/bash}" "${arg}"
exit
;;
esac
done
}
# 检测应用相应的配置文件是否存在,如果不存在,则从默认配置文件目录拷贝一份
# 默认配置文件路径:/etc/${APP_NAME}
# 目标配置文件路径:/srv/conf/${APP_NAME}
# 参数:
# $1 - 基础路径
# $* - 基础路径下的文件及目录列表,以" "分割
# 例子:
# ensure_config_file_exist /etc/${APP_NAME} conf.d server.conf
ensure_config_file_exist() {
local -r base_path="${1:?paths is missing}"
local f=""
local dist=""
shift 1
LOG_D "List to check: $@"
while [ "$#" -gt 0 ]; do
f="${1}"
LOG_D " Process \"${f}\""
if [ -d "${base_path}/${f}" ]; then
dist="$(echo ${base_path}/${f} | sed -e 's/\/etc/\/srv\/conf/g')"
[[ ! -d "${dist}" ]] && LOG_D " Create directory: ${dist}" && mkdir -p "${dist}"
[[ ! -z $(ls -A "${base_path}/${f}") ]] && ensure_config_file_exist "${base_path}/${f}" $(ls -A "${base_path}/${f}")
else
dist="$(echo ${base_path}/${f} | sed -e 's/\/etc/\/srv\/conf/g')"
[[ ! -e "${dist}" ]] && LOG_D " Copy: ${base_path}/${f} ===> ${dist}" && cp "${base_path}/${f}" "${dist}" && rm -rf "/srv/conf/${APP_NAME}/.app_init_flag"
fi
shift
done
}
# 根据脚本扩展名及权限,执行相应的初始化脚本
# 参数:
# $1 - 文件列表,支持路径通配符
# 使用:
# process_init_files [file [file [...]]]
# 例子:
# process_init_files /src/conf/${APP_NAME}/initdb.d/*
process_init_files() {
echo
local f
for f; do
case "$f" in
*.sh)
if [ -x "$f" ]; then
LOG_I "$0: running $f"
"$f"
else
LOG_I "$0: sourcing $f"
. "$f"
fi
;;
*) LOG_W "$0: ignoring $f" ;;
esac
echo
done
}
# 检测当前是否为 root 用户
is_root() {
if [[ "$(id -u)" = "0" ]]; then
LOG_D "Run as root."
true
else
LOG_D "Run as non-root: $(id -u)"
false
fi
}
# 检测当前脚本是被直接执行的,还是从其他脚本中使用 "source" 调用的
is_sourced() {
[ "${#FUNCNAME[@]}" -ge 2 ] \
&& [ "${FUNCNAME[0]}" = 'is_sourced' ] \
&& [ "${FUNCNAME[1]}" = 'source' ]
}
alpine/prebuilds/usr/local/scripts/libfile.sh
+78
View File
@@ -0,0 +1,78 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 文件操作函数库
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 检测"*_FILE"文件,并从文件中读取信息作为参数值;环境变量不允许 VAR 与 VAR_FILE 方式并存
# 变量:
# $1 - 需要设置的环境变量名称
# $2 - 该变量对应的默认值(Option)
#
# 使用: file_env ENV_VAR [DEFAULT]
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
LOG_E "Both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# 使用规则表达式在文件中替换数据
# 参数:
# $1 - 文件名
# $2 - 正则表达式
# $3 - 替代数据表达式
# $4 - 是否使用POSIX表达式. Default: true
replace_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local posix_regex=${4:-true}
local result
# 因部分系统兼容性问题,需要防止使用 'sed in-place' 方式操作
if [[ $posix_regex = true ]]; then
result="$(sed -E "s@$match_regex@$substitute_regex@g" "$filename")"
else
result="$(sed "s@$match_regex@$substitute_regex@g" "$filename")"
fi
echo "$result" > "$filename"
}
# 使用规则表达式在文件中删除数据
# 参数:
# $1 - 文件名
# $2 - 正则表达式
# $3 - 是否使用POSIX表达式. Default: true
remove_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local posix_regex=${3:-true}
local result
# 因部分系统兼容性问题,需要防止使用 'sed in-place' 方式操作
if [[ $posix_regex = true ]]; then
result="$(sed -E "/$match_regex/d" "$filename")"
else
result="$(sed "/$match_regex/d" "$filename")"
fi
echo "$result" > "$filename"
}
alpine/prebuilds/usr/local/scripts/libfs.sh
+107
View File
@@ -0,0 +1,107 @@
#!/bin/bash
# Ver: 1.1 by Endial Fang (endial@126.com)
#
# 文件管理函数库
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 检测目录是否存在,如果不存在则创建,同时修改为指定的用户
# 参数:
# $1 - 目录路径
# $2 - 用户
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner="${2:-}"
mkdir -p "${dir}"
if [[ -n $owner ]]; then
chown "$owner":"$owner" "$dir"
fi
}
# 检测目录是否存在或为空
# 参数:
# $1 - 目录路径
is_dir_empty() {
local dir="${1:?missing directory}"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
# 循环设置目录中子目录及文件权限
# 参数:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - 文件权限模式
# -d|--dir-mode - 目录权限模式
# -u|--user - 用户
# -g|--group - 用户组
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f|--file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d|--dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u|--user)
shift
user="${1:?missing user}"
;;
-g|--group)
shift
group="${1:?missing group}"
;;
*)
LOG_E "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<< "$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
LOG_D "Check $p"
if [[ -n ${dir_mode} ]]; then
LOG_D "Change permissions to ${dir_mode} of directories in $p"
find -L "$p" -type d -print | xargs -i chmod "${dir_mode}" '{}'
fi
if [[ -n ${file_mode} ]]; then
LOG_D "Change permissions to ${file_mode} of files in $p"
find -L "$p" -type f -print | xargs -i chmod "${file_mode}" '{}'
fi
if [[ -n $user ]] && [[ -n ${group} ]]; then
LOG_D "Change ownership to ${user}:${group} of files and directories in $p"
find -L "$p" \( \! -user ${user} -or \! -group ${group} \) -print | xargs -i chown -L "${user}":"${group}" '{}'
elif [[ -n $user ]] && [[ -z $group ]]; then
LOG_D "Change user to ${user} of files and directories in $p"
find -L "$p" \! -user ${user} -print | xargs -i chown -L "${user}" '{}'
elif [[ -z $user ]] && [[ -n $group ]]; then
LOG_D "Change group to ${group} of files and directories in $p"
find -L "$p" \! -group ${group} -print | xargs -i chgrp -L "${group}" '{}'
fi
else
LOG_E "$p does not exist"
fi
done
}
alpine/prebuilds/usr/local/scripts/liblog.sh
+81
View File
@@ -0,0 +1,81 @@
#!/bin/bash
# Ver: 1.1 by Endial Fang (endial@126.com)
#[[ ${ENV_DEBUG:-false} = true ]] && set -x
MODULE="$(basename "$0")"
RESET='\033[0m'
BOLD='\033[1m'
# 前景色
BLACK='\033[38;5;0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
BLUE='\033[38;5;4m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
WHITE='\033[38;5;7m'
# 背景色
ON_BLACK='\033[48;5;0m'
ON_RED='\033[48;5;1m'
ON_GREEN='\033[48;5;2m'
ON_YELLOW='\033[48;5;3m'
ON_BLUE='\033[48;5;4m'
ON_MAGENTA='\033[48;5;5m'
ON_CYAN='\033[48;5;6m'
ON_WHITE='\033[48;5;7m'
# 函数列表
# 打印输出到 STDERR 设备
stderr_print() {
printf "%b\\n" "${*}" >&2
}
# 输出实际日志信息
# 参数:
# $1 - 日志类型
# $2 - 日志信息
LOG() {
#stderr_print "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}"
printf "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}%s}${RESET} %b\n" "$(date "+%T")" "${*}"
}
# 输出调试类日志信息,尽量少使用
# 参数:
# $1 - 日志类型
# $2 - 日志信息
LOG_D() {
local -r bool="${ENV_DEBUG:-false}"
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
LOG "${BLUE}DBG${RESET}: ${*}"
fi
}
# 输出提示信息类日志信息
# 参数:
# $1 - 日志类型
# $2 - 日志信息
LOG_I() {
LOG "${GREEN}INF${RESET}: ${*}"
}
# 输出警告类日志信息至sterr
# 参数:
# $1 - 日志类型
# $2 - 日志信息
LOG_W() {
LOG "${YELLOW}WRN${RESET}: ${*}"
}
# 输出错误类日志信息至sterr,并退出脚本
# 参数:
# $1 - 日志类型
# $2 - 日志信息
LOG_E() {
LOG "${RED}ERR${RESET}: ${*}"
}
alpine/prebuilds/usr/local/scripts/libos.sh
+109
View File
@@ -0,0 +1,109 @@
#!/bin/bash
# Ver: 1.2 by Endial Fang (endial@126.com)
#
# 操作系统控制函数库
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 检测指定用户账户是否存在
# 参数:
# $1 - 用户账户
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
}
# 检测指定用户分组是否存在
# 参数:
# $1 - 用户组
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
# 获取系统可用内存大小(MB)信息
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
# 获取以定量方式描述的内存大小
# 参数:
# $1 - 内存大小 (MB,可选)
get_machine_size() {
local memory="${1:-}"
if [[ -z "$memory" ]]; then
debug "Memory was not specified, detecting available memory automatically"
memory="$(get_total_memory)"
fi
sanitized_memory=$(convert_to_mb "$memory")
if [[ "$sanitized_memory" -gt 26000 ]]; then
echo 2xlarge
elif [[ "$sanitized_memory" -gt 13000 ]]; then
echo xlarge
elif [[ "$sanitized_memory" -gt 6000 ]]; then
echo large
elif [[ "$sanitized_memory" -gt 3000 ]]; then
echo medium
elif [[ "$sanitized_memory" -gt 1500 ]]; then
echo small
else
echo micro
fi
}
# 获取已定义的所有内存大小描述
get_supported_machine_sizes() {
echo micro small medium large xlarge 2xlarge
}
# 将以字符串表示的内存大小转换为以MB为单位的内存大小值 (i.e. 2G -> 2048)
# 参数:
# $1 - 内存大小
convert_to_mb() {
local amount="${1:-}"
if [[ $amount =~ ^([0-9]+)(M|G) ]]; then
size="${BASH_REMATCH[1]}"
unit="${BASH_REMATCH[2]}"
if [[ "$unit" = "G" ]]; then
amount="$((size * 1024))"
else
amount="$size"
fi
fi
echo "$amount"
}
# 如果禁用调试模式,将输出信息重定向至 /dev/null
# 参数:
# $@ - 待执行的命令
debug_execute() {
local -r bool="${ENV_DEBUG:-false}"
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
"$@"
else
"$@" >/dev/null 2>&1
fi
}
# 重试执行命令
# 参数:
# $1 - cmd (as a string)
# $2 - 最大尝试次数. Default: 12
# $3 - 重试前等待时间(秒). Default: 5
retry_while() {
local -r cmd="${1:?cmd is missing}"
local -r retries="${2:-12}"
local -r sleep_time="${3:-5}"
local return_value=1
read -r -a command <<< "$cmd"
for ((i = 1 ; i <= retries ; i+=1 )); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}
alpine/prebuilds/usr/local/scripts/libservice.sh
+87
View File
@@ -0,0 +1,87 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 服务管理函数库
# shellcheck disable=SC1091
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 获取并返回服务 PID
# 参数:
# $1 - PID 文件
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
if [[ -f "$pid_file" ]]; then
if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then
echo "$(< "$pid_file")"
fi
fi
}
# 检测 PID 对应的服务是否在运行中
# 参数:
# $1 - PID
is_service_running() {
local pid="${1:?pid is missing}"
kill -0 "$pid" 2>/dev/null
}
# 通过发送信号停止一个指定的服务
# 参数:
# $1 - PID 文件
# $2 - 信号 (可选)
stop_service_using_pid() {
local pid_file="${1:?pid file is missing}"
local signal="${2:-}"
local pid
pid="$(get_pid_from_file "$pid_file")"
[[ -z "$pid" ]] || ! is_service_running "$pid" && return
if [[ -n "$signal" ]]; then
kill "-${signal}" "$pid"
else
kill "$pid"
fi
local counter=10
while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do
sleep 1
counter=$((counter - 1))
done
}
# 生成一个 Logrotate 配置文件
# 参数:
# $1 - 应用名称
# $2 - 日志路径及日志文件名
# $3 - 周期
# $4 - Rotations 存储的数量
# $5 - 其他参数 (可选)
generate_logrotate_conf() {
local service_name="${1:?service name is missing}"
local log_path="${2:?log path is missing}"
local period="${3:-weekly}"
local rotations="${4:-150}"
local extra_options="${5:-}"
local logrotate_conf_dir="/etc/logrotate.d"
mkdir -p "$logrotate_conf_dir"
cat >"${logrotate_conf_dir}/${service_name}" <<-'EOF'
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
${extra_options}
}
EOF
}
alpine/prebuilds/usr/local/scripts/libvalidations.sh
+213
View File
@@ -0,0 +1,213 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 数据有效性校验函数库
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 检测数据是否为整数
# 参数:
# $1 - 待检测的数据
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
true
else
false
fi
}
# 检测数据是否为正整数
# 参数:
# $1 - 待检测的数据
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
true
else
false
fi
}
# 检测数据是否为布尔值 '1' 或字符串 'yes/true'
# 参数:
# $1 - 待检测的数据
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
true
else
false
fi
}
# 检测数据是否为字符串 'yes/no'
# 参数:
# $1 - 待检测的数据
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
true
else
false
fi
}
# 检测数据是否为字符串 'true/false'
# 参数:
# $1 - 待检测的数据
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
true
else
false
fi
}
# 检测提供的参数是否为空字符串或未定义
# 参数:
# $1 - 待检测的数据
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
true
else
false
fi
}
# 检测数据是否为有效的端口号
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值 或 错误消息
validate_port() {
local value
local unprivileged=0
# Parse flags
while [[ "$#" -gt 0 ]]; do
case "$1" in
-unprivileged)
unprivileged=1
;;
--)
shift
break
;;
-*)
LOG_E "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [[ "$#" -gt 1 ]]; then
LOG_E "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
LOG_E "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
LOG_E "the value is empty"
return 1
else
if ! is_int "$value"; then
LOG_W "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
LOG_W "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
LOG_W "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
LOG_W "privileged port requested"
return 3
fi
fi
}
# 检测数据是否为有效的IPv4地址
# 参数:
# $1 - 待检测的数据
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")"
[[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \
&& ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]]
stat=$?
fi
return $stat
}
# 校验字符串格式
# 参数:
# $1 - 待检测的数据
validate_string() {
local string
local min_length=-1
local max_length=-1
# Parse flags
while [ "$#" -gt 0 ]; do
case "$1" in
-min-length)
shift
min_length=${1:-}
;;
-max-length)
shift
max_length=${1:-}
;;
--)
shift
break
;;
-*)
LOG_E "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [ "$#" -gt 1 ]; then
LOG_E "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
LOG_W "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
LOG_I "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
LOG_I "string length is great than $max_length"
return 1
fi
}
alpine/prebuilds/usr/sbin/download_pkg
Executable
+160
View File
@@ -0,0 +1,160 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
. /usr/local/scripts/liblog.sh
print_usage() {
LOG "Usage: download_pkg <COMMAND> <PACKAGE-NAME> \"<URLS>\" [OPTIONS]"
LOG ""
LOG "Download and install Third-Part packages"
LOG ""
LOG "Commands:"
LOG " install Download and install a package."
LOG " unpack Download and unpack a package."
LOG ""
LOG "Options:"
LOG " -g, --checkpgp Package release bucket."
LOG " -s, --checksum SHA256 verification checksum."
LOG " -h, --help Show this help message and exit."
LOG ""
LOG "PACKAGE-NAME: Name with extern name"
LOG "URLS: String with URL list"
LOG ""
LOG "Examples:"
LOG " - Unpack package"
LOG " \$ download_pkg unpack redis-5.0.8.tar.gz \"http://download.redis.io/releases/\""
LOG ""
LOG " - Verify and Install package"
LOG " \$ download_pkg install redis-5.0.8.tar.gz \"http://download.redis.io/releases/\" --checksum 42cf86a114d2a451b898fcda96acd4d01062a7dbaaad2801d9164a36f898f596"
LOG ""
}
check_pgp() {
local name_asc=${1:?missing asc file name}
local name=${2:?missing file name}
local keys="${3:?missing key id}"
GNUPGHOME="$(mktemp -d)"
if which gpg >/dev/null 2>&1; then
for key in $keys; do
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "${key}" ||
gpg --batch --keyserver pgp.mit.edu --recv-keys "${key}" ||
gpg --batch --keyserver keys.gnupg.net --recv-keys "${key}" ||
gpg --batch --keyserver keyserver.pgp.com --recv-keys "${key}";
done
gpg --batch --verify "$name_asc" "$name"
command -v gpgconf > /dev/null && gpgconf --kill all
fi
}
# 获取并解析参数
ARGS=$(getopt -o g:s:h -l "checkpgp:,checksum:,help" -n "download-pkg" -- "$@")
if [ $? -ne 0 ];
then
exit 1
fi
eval set -- "$ARGS";
while true; do
case "$1" in
-g|--checkpgp)
shift
if [ -n "$1" ]; then
PACKAGE_KEYS=$1
shift
fi
;;
-s|--checksum)
shift
if [ -n "$1" ]; then
PACKAGE_SHA256=$1
shift
fi
;;
-h|--help)
print_usage
exit 0
;;
--)
shift
break
;;
esac
done
# 检测输入的命令是否合法
case "$1" in
install|unpack) ;;
*)
error "Unrecognized command: $1"
print_usage
exit 1
;;
esac
# 检测输入参数是否足够,需要至少提供软件包名称 及 下载路径
if [ $# -lt 3 ]; then
print_usage
exit 1
fi
INSTALL_ROOT=/usr/local
CACHE_ROOT=/tmp
PACKAGE="$2"
PACKAGE_URLS=$3
cd $INSTALL_ROOT
LOG_I "Downloading $PACKAGE package"
for url in $PACKAGE_URLS; do
LOG_D "Try $url/$PACKAGE"
if wget -O "$CACHE_ROOT/$PACKAGE" "$url/$PACKAGE" && [ -s "$CACHE_ROOT/$PACKAGE" ]; then
if [ -n "$PACKAGE_KEYS" ]; then
wget -O "$CACHE_ROOT/$PACKAGE.asc" "$url/$PACKAGE.asc"
if [ ! -e "$CACHE_ROOT/$PACKAGE.asc" ]; then
wget -O "$CACHE_ROOT/$PACKAGE.asc" "$url/$PACKAGE.sig"
fi
fi
success=1
break
fi
done
if [ "$PACKAGE_SHA256" ]; then
LOG_I "Verifying package integrity"
echo "$PACKAGE_SHA256 *$CACHE_ROOT/$PACKAGE" | sha256sum -c -
fi
if [ -e "$CACHE_ROOT/$PACKAGE.asc" ]; then
LOG_I "Verifying package with PGP"
check_pgp "$CACHE_ROOT/$PACKAGE.asc" "$CACHE_ROOT/$PACKAGE" "$PACKAGE_KEYS"
fi
# If the tarball has too many files, it can trigger a bug
# in overlayfs when using tar. Install bsdtar in the container image
# to workaround it. As the overhead is too big (~40 MB), it is not added by
# default. Source: https://github.com/coreos/bugs/issues/1095
# 安装或解压软件
case "$1" in
install)
LOG_I "Installing $PACKAGE"
cp $CACHE_ROOT/$PACKAGE /usr/local/bin/
;;
unpack)
if ! tar tzf $CACHE_ROOT/$PACKAGE >/dev/null 2>&1; then
LOG_E "Invalid or corrupt '$PACKAGE' package."
exit 1
fi
LOG_I "Unpacking $PACKAGE"
if which bsdtar >/dev/null 2>&1; then
bsdtar -xf $CACHE_ROOT/$PACKAGE
else
tar xzf $CACHE_ROOT/$PACKAGE --no-same-owner
fi
;;
esac
alpine/prebuilds/usr/sbin/install_pkg
Executable
+53
View File
@@ -0,0 +1,53 @@
#!/bin/sh
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
print_usage() {
echo "Usage: install_pkg <PACKAGE-NAME>"
echo ""
echo "Download and install packages"
echo ""
echo "Options:"
echo " -h, --help Show this help message and exit."
echo ""
echo "Examples:"
echo " - Unpack package"
echo " \$ install_pkg bash curl"
echo ""
}
if [ $# -lt 1 ]; then
print_usage
exit 1
fi
case "$1" in
-h|--help)
print_usage
exit 0
;;
esac
retry=0
max=2
until [ $retry -gt $max ]; do
set +e
(
apk update --no-cache &&
apk upgrade --no-cache &&
apk add --no-cache "$@"
)
CODE=$?
set -e
if [ $CODE -eq 0 ]; then
break
fi
if [ $retry -eq $max ]; then
exit $CODE
fi
echo "APK failed, retrying"
retry=$(($retry + 1))
done
rm -r /var/cache/apk/* /root/.cache /tmp/* || :
alpine/prebuilds/usr/sbin/select_source
Executable
+6
View File
@@ -0,0 +1,6 @@
#!/bin/sh
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
cp /etc/apk/repositories.${1:-default} /etc/apk/repositories