docker/template
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[fix:debian]梳理脚本

Browse Source
This commit is contained in:
房振会
2020-09-09 22:13:49 +08:00
parent 336e076dd9
commit ceae86e74c
27 changed files with 656 additions and 830 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Dockerfile
+63 -154
View File
@@ -1,24 +1,55 @@
# Ver: 1.0 by Endial Fang (endial@126.com)
# Ver: 1.2 by Endial Fang (endial@126.com)
#
# 指定原始系统镜像,常用镜像为 colovu/ubuntu:18.04、colovu/debian:10、colovu/alpine:3.12、colovu/openjdk:8u252-jre
FROM colovu/debian:10
# ARG参数使用"--build-arg"指定,如 "--build-arg apt_source=tencent"
# 预处理 =========================================================================
FROM colovu/dbuilder as builder
# sources.list 可使用版本:default / tencent / ustc / aliyun / huawei
ARG apt_source=default
# 外部指定应用版本信息,如 "--build-arg app_ver=6.0.0"
ARG app_ver=5.0.8
# 编译镜像时指定用于加速的本地服务器地址
ARG local_url=""
# 定义应用基础常量信息,该常量在容器内可使用
ENV APP_NAME=redis \
APP_EXEC=redis-server \
APP_VERSION=${app_ver}
WORKDIR /usr/local
RUN select_source ${apt_source};
# 下载并解压软件包
#RUN set -eux; \
# appVersion=1.12; \
# appName=gosu-"$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
# appKeys="0xB42F6819007F00F88E364FD4036A9C25BF357DD4"; \
# [ ! -z ${local_url} ] && localURL=${local_url}/gosu; \
# appUrls="${localURL:-} \
# https://github.com/tianon/gosu/releases/download/${appVersion} \
# "; \
# download_pkg install ${appName} "${appUrls}" -g "${appKeys}"; \
# chmod +x /usr/local/bin/${appName};
# 源码编译软件包
#RUN set -eux; \
# 源码编译方式安装: 编译后将原始配置文件拷贝至 ${APP_DEF_DIR} 中
# APP_SRC="/usr/local/src/${APP_NAME}-${APP_VERSION}"; \
# mkdir -p ${APP_SRC}; \
# tar --extract --file "${DIST_NAME}" --directory "${APP_SRC}" --strip-components 1; \
# cd ${APP_SRC}; \
# ./configure ; \
# make -j "$(nproc)"; \
# make install; \
# cp -rf ./conf/* ${APP_DEF_DIR}/;
# 镜像生成 ========================================================================
FROM colovu/debian:10
ARG apt_source=default
ARG local_url=""
ENV APP_NAME=test \
APP_USER=builder \
APP_EXEC=/bin/bash \
APP_VERSION=1.0.0
# 定义应用基础目录信息,该常量在容器内可使用
ENV APP_HOME_DIR=/usr/local/${APP_NAME} \
APP_DEF_DIR=/etc/${APP_NAME} \
APP_CONF_DIR=/srv/conf/${APP_NAME} \
@@ -29,165 +60,43 @@ ENV APP_HOME_DIR=/usr/local/${APP_NAME} \
APP_LOG_DIR=/var/log/${APP_NAME} \
APP_CERT_DIR=/srv/cert/${APP_NAME}
# 设置应用需要的特定环境变量
ENV \
PATH="${APP_HOME_DIR}/bin:${PATH}"
LABEL \
"Version"="v${app_ver}" \
"Description"="Docker image for ${APP_NAME}(v${app_ver})." \
"Version"="v${APP_VERSION}" \
"Description"="Docker image for ${APP_NAME}(v${APP_VERSION})." \
"Dockerfile"="https://github.com/colovu/docker-${APP_NAME}" \
"Vendor"="Endial Fang (endial@126.com)"
# 拷贝默认 Shell 脚本至容器相关目录中
COPY prebuilds /
# 镜像内相应应用及依赖软件包的安装脚本;以下脚本可按照不同需求拆分为多个段,但需要注意各个段在结束前需要清空缓存
RUN \
# 设置程序使用静默安装,而非交互模式;默认情况下,类似 tzdata/gnupg/ca-certificates 等程序配置需要交互
export DEBIAN_FRONTEND=noninteractive; \
\
# 设置 shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux; \
\
# 更改源为当次编译指定的源
cp /etc/apt/sources.list.${apt_source} /etc/apt/sources.list; \
\
# 为应用创建对应的组、用户、相关目录
export APP_DIRS="${APP_DEF_DIR:-} ${APP_CONF_DIR:-} ${APP_DATA_DIR:-} ${APP_CACHE_DIR:-} ${APP_RUN_DIR:-} ${APP_LOG_DIR:-} ${APP_CERT_DIR:-} ${APP_DATA_LOG_DIR:-} ${APP_HOME_DIR:-${APP_DATA_DIR}}"; \
mkdir -p ${APP_DIRS}; \
groupadd -r -g 998 ${APP_NAME}; \
useradd -r -g ${APP_NAME} -u 999 -s /usr/sbin/nologin -d ${APP_DATA_DIR} ${APP_NAME}; \
\
# 应用软件包及依赖项。相关软件包在镜像创建完成时,不会被清理
appDeps=" \
curl \
ca-certificates \
"; \
savedAptMark="$(apt-mark showmanual) ${appDeps}"; \
\
\
\
# 安装临时使用的软件包及依赖项。相关软件包在镜像创建完后时,会被清理
fetchDeps=" \
wget \
ca-certificates \
\
apt-transport-https \
lsb-release \
\
autoconf \
automake \
gcc \
g++ \
gcc-multilib \
make \
\
dirmngr \
gnupg \
\
xz-utils \
"; \
apt-get update; \
apt-get upgrade -y; \
apt-get install -y --no-install-recommends ${fetchDeps}; \
\
\
\
# 获取当前系统架构及系统名称
dpkgOsArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
dpkgOsName="$(uname | tr [:'upper':] [:'lower':])"; \
\
# 下载需要的软件包资源。可使用 不校验、签名校验、SHA256 校验 三种方式
DIST_NAME="${APP_NAME}-${APP_VERSION}.tar.gz"; \
DIST_SHA256="ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46"; \
DIST_KEYIDS="0x3D296268A36FACA1B7EAF110792D43153B5B5147 \
0x3D296268A36FACA1B7EAF110792D43153B5B5147"; \
DIST_URLS=" \
${local_url} \
'https://www.apache.org/dyn/closer.cgi?action=download&filename='${APP_NAME}/${APP_NAME}-${APP_VERSION}/ \
https://www-us.apache.org/dist/${APP_NAME}/${APP_NAME}-${APP_VERSION}/ \
https://www.apache.org/dist/${APP_NAME}/${APP_NAME}-${APP_VERSION}/ \
https://archive.apache.org/dist/${APP_NAME}/${APP_NAME}-${APP_VERSION}/ \
"; \
. /usr/local/scripts/libdownload.sh && download_dist "${DIST_NAME}" "${DIST_URLS}"; \
. /usr/local/scripts/libdownload.sh && download_dist "${DIST_NAME}" "${DIST_URLS}" --pgpkey "${DIST_KEYIDS}"; \
. /usr/local/scripts/libdownload.sh && download_dist "${DIST_NAME}" "${DIST_URLS}" --checksum "${DIST_SHA256}"; \
\
\
\
# 二进制解压方式安装: 解压后将原始配置文件拷贝至 ${APP_DEF_DIR} 中
tar --extract --file "${DIST_NAME}" --directory "${APP_HOME_DIR}" --strip-components 1; \
cp -rf ${APP_HOME_DIR}/conf/* "${APP_DEF_DIR}/"; \
rm -rf "${DIST_NAME}"; \
\
\
\
# 源码编译方式安装: 编译后将原始配置文件拷贝至 ${APP_DEF_DIR} 中
APP_SRC="/usr/local/src/${APP_NAME}-${APP_VERSION}"; \
mkdir -p ${APP_SRC}; \
tar --extract --file "${DIST_NAME}" --directory "${APP_SRC}" --strip-components 1; \
cd ${APP_SRC}; \
./configure ; \
make -j "$(nproc)"; \
make install; \
cp -rf ./conf/* ${APP_DEF_DIR}/; \
cd /; \
rm -rf ${APP_SRC} ${DIST_NAME}; \
\
\
\
# 包管理方式安装: 增加软件包特有源,并使用系统包管理方式安装软件; 安装后需要确认 ${APP_DEF_DIR} 目录中存在原始配置文件
echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main ${APP_VERSION}" >> /etc/apt/sources.list; \
echo "deb-src http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main ${APP_VERSION}" >> /etc/apt/sources.list; \
apt-get update; \
apt-get upgrade -y; \
apt-get install -y --no-install-recommends ${appDeps}; \
\
\
\
# 设置应用关联目录的权限信息
chown -Rf ${APP_NAME}:${APP_NAME} ${APP_DIRS}; \
\
# 查找新安装的应用及应用依赖软件包,并标识为'manual',防止后续自动清理时被删除
apt-mark auto '.*' > /dev/null; \
{ [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; }; \
find /usr/local -type f -executable -exec ldd '{}' ';' \
| awk '/=>/ { print $(NF-1) }' \
| sort -u \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
| xargs -r apt-mark manual; \
\
# 删除安装的临时依赖软件包,清理缓存
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false ${fetchDeps}; \
apt-get autoclean -y; \
rm -rf /var/lib/apt/lists/*; \
:;
# 拷贝应用专用 Shell 脚本至容器相关目录中
COPY customer /
# 以包管理方式安装软件包(Optional)
#RUN select_source ${apt_source}
#RUN install_pkg bash tini sudo
RUN create_user && prepare_env
# 从预处理过程中拷贝软件包(Optional)
#COPY --from=0 /usr/local/bin/gosu-amd64 /usr/local/bin/gosu
#COPY --from=builder /usr/local/bin/gosu-amd64 /usr/local/bin/gosu
# 执行预处理脚本,并验证安装的软件包
RUN set -eux; \
# 设置容器入口脚本的可执行权限
chmod +x /usr/local/bin/entrypoint.sh; \
\
# 检测是否存在对应版本的 overrides 脚本文件;如果存在,执行
{ [ ! -e "/usr/local/overrides/overrides-${app_ver}.sh" ] || /bin/bash "/usr/local/overrides/overrides-${app_ver}.sh"; }; \
\
# 验证安装的软件是否可以正常运行,常规情况下放置在命令行的最后
gosu ${APP_NAME} ${APP_EXEC} --version ; \
override_file="/usr/local/overrides/overrides-${APP_VERSION}.sh"; \
[[ -e "${override_file}" ]] && /bin/bash "${override_file}"; \
gosu ${APP_USER} ${APP_EXEC} --version ; \
:;
# 默认提供的数据卷
VOLUME ["/srv/conf", "/srv/data", "/srv/cert", "/srv/datalog", "/var/log"]
VOLUME ["/srv/conf", "/srv/data", "/srv/datalog", "/srv/cert", "/var/log"]
# 默认使用gosu切换为新建用户启动,必须保证端口在1024之上
EXPOSE 8080
# 容器初始化命令,默认存放在:/usr/local/bin/entrypoint.sh
ENTRYPOINT ["entrypoint.sh"]
# 容器初始化命令,默认存放在:/usr/local/bin/entry.sh
ENTRYPOINT ["entry.sh"]
# 应用程序的服务命令,必须使用非守护进程方式运行。如果使用变量,则该变量必须在运行环境中存在(ENV可以获取)
CMD ["${APP_EXEC}", "parameter"]
CMD ["${APP_EXEC}"]
Makefile
+15 -5
View File
@@ -2,10 +2,10 @@
#
# 当前 Docker 镜像的编译脚本
app_name := colovu/alpine
app_name := colovu/test
# 生成镜像TAG,类似:
# <镜像名>:<分支名>-<Git ID> # Git 仓库且无文件修改直接编译
# <镜像名>:<分支名>-<Git ID> # Git 仓库且无文件修改直接编译
# <镜像名>:<分支名>-<年月日>-<时分秒> # Git 仓库有文件修改后的编译
# <镜像名>:latest-<年月日>-<时分秒> # 非 Git 仓库编译
current_subversion:=$(shell if [[ -d .git ]]; then git rev-parse --short HEAD; else date +%y%m%d-%H%M%S; fi)
@@ -16,13 +16,13 @@ build-arg:=--build-arg apt_source=tencent
# 设置本地下载服务器路径,加速调试时的本地编译速度
local_ip:=`ifconfig -a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $$2}'|tr -d "addr:"`
build-arg+=--build-arg local_url=http://$(local_ip)/dist-files/
build-arg+=--build-arg local_url=http://$(local_ip)/dist-files
.PHONY: build clean clearclean upgrade
.PHONY: build clean clearclean upgrade tag push
build:
@echo "Build $(app_name):$(current_tag)"
@docker build --force-rm $(build-arg) -t $(app_name):$(current_tag) .
@docker build --force-rm $(build-arg) -t $(app_name):$(current_tag) ./alpine
@echo "Add tag: $(app_name):latest"
@docker tag $(app_name):$(current_tag) $(app_name):latest
@@ -37,6 +37,16 @@ clearclean: clean
@echo "Clean all images for current application..."
@docker images | grep "$(app_name) " | awk '{print $$3}' | xargs docker rmi -f
tag:
@echo "Add tag: $(local_registory)/$(app_name):latest"
@docker tag $(app_name):latest $(local_registory)/$(app_name):latest
push: tag
@echo "Push: $(local_registory)/$(app_name):latest"
@docker push $(local_registory)/$(app_name):latest
@echo "Push: $(app_name):latest"
@docker push $(app_name):latest
# 更新所有 colovu 仓库的镜像
upgrade:
@echo "Upgrade all images..."
customer/usr/local/bin/appcommon.sh
+46 -76
View File
@@ -4,13 +4,14 @@
# 应用通用业务处理函数
# 加载依赖脚本
. /usr/local/scripts/libcommon.sh # 通用函数库
. /usr/local/scripts/libfile.sh
. /usr/local/scripts/libfs.sh
. /usr/local/scripts/libos.sh
. /usr/local/scripts/libservice.sh
. /usr/local/scripts/libvalidations.sh
. /usr/local/scripts/libnet.sh
# 函数列表
@@ -21,44 +22,35 @@
# *_* : 应用配置文件使用的全局变量,变量名根据配置项定义
# 返回值:
# 可以被 'eval' 使用的序列化输出
docker_app_env() {
cat <<"EOF"
# Common Settings
export ENV_DEBUG=${ENV_DEBUG:-false}
# Paths
# Application settings
# Application Cluster configuration
# Application TLS Settings
# JVM settings
# Application Authentication
app_env() {
cat <<-'EOF'
# Common Settings
export ENV_DEBUG=${ENV_DEBUG:-false}
# Paths configuration
# Application settings
# Cluster configuration
# TLS Settings
# JVM settings
# Authentication
EOF
# 利用 *_FILE 设置密码,不在配置命令中设置密码,增强安全性
# if [[ -f "${ZOO_CLIENT_PASSWORD_FILE:-}" ]]; then
# cat <<"EOF"
#export ZOO_CLIENT_PASSWORD="$(< "${ZOO_CLIENT_PASSWORD_FILE}")"
#EOF
# fi
if [[ -f "${APP_CLIENT_PASSWORD_FILE:-}" ]]; then
cat <<-'EOF'
export APP_CLIENT_PASSWORD="$(< "${APP_CLIENT_PASSWORD_FILE}")"
EOF
fi
}
# 使用环境变量中以 "ZOO_CFG_" 开头的的全局变量更新配置文件中对应项(全小写,以"."分隔)
# 全局变量:
# ZOO_CFG_*
# 使用环境变量中以 "APP_CFG_" 开头的的全局变量更新配置文件中对应项(全小写,以"."分隔)
# 举例:
# ZOO_CFG_LOG_DIRS 对应配置文件中的配置项:log.dirs
app_configure_from_environment_variables() {
# APP_CFG_LOG_DIRS 对应配置文件中的配置项:log.dirs
app_configure_from_env_variables() {
# Map environment variables to config properties
for var in "${!ZOO_CFG_@}"; do
key="$(echo "$var" | sed -e 's/^ZOO_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')"
for var in "${!APP_CFG_@}"; do
key="$(echo "$var" | sed -e 's/^APP_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')"
value="${!var}"
zoo_conf_set "$key" "$value"
app_conf_set "$key" "$value"
done
}
@@ -67,7 +59,7 @@ app_configure_from_environment_variables() {
# $1 - 文件
# $2 - 变量
# $3 - 值(列表)
zoo_common_conf_set() {
app_common_conf_set() {
local file="${1:?missing file}"
local key="${2:?missing key}"
shift
@@ -79,7 +71,7 @@ zoo_common_conf_set() {
return 1
elif [[ "${#values[@]}" -ne 1 ]]; then
for i in "${!values[@]}"; do
zoo_common_conf_set "$file" "${key[$i]}" "${values[$i]}"
app_common_conf_set "$file" "${key[$i]}" "${values[$i]}"
done
else
value="${values[0]}"
@@ -95,45 +87,37 @@ zoo_common_conf_set() {
}
# 更新 server.properties 配置文件中指定变量值
# 全局变量:
# APP_CONF_DIR
# 变量:
# $1 - 变量
# $2 - 值(列表)
zoo_conf_set() {
zoo_common_conf_set "$APP_CONF_DIR/zoo.cfg" "$@"
app_conf_set() {
app_common_conf_set "${APP_CONF_DIR}/zoo.cfg" "$@"
}
# 更新 log4j.properties 配置文件中指定变量值
# 全局变量:
# APP_CONF_DIR
# 变量:
# $1 - 变量
# $2 - 值(列表)
zoo_log4j_set() {
zoo_common_conf_set "$APP_CONF_DIR/log4j.properties" "$@"
app_log4j_set() {
app_common_conf_set "${APP_CONF_DIR}/log4j.properties" "$@"
}
# 生成默认配置文件
# 全局变量:
# ZOO_*
zoo_generate_conf() {
app_generate_conf() {
# 准备原始默认配置文件或生成空文件
cp "${APP_CONF_DIR}/zoo_sample.cfg" "$APP_CONF_FILE"
cp "${APP_CONF_DIR}/app_sample.cfg" "${APP_CONF_FILE}"
echo "">> "$APP_CONF_FILE"
echo "">> "${APP_CONF_FILE}"
# 根据容器参数,设置配置文件
zoo_log4j_set "zookeeper.console.threshold" "$ZOO_LOG_LEVEL"
zoo_log4j_set "zookeeper.log.dir" "${APP_LOG_DIR}"
app_log4j_set "zookeeper.console.threshold" "${ZOO_LOG_LEVEL}"
app_log4j_set "zookeeper.log.dir" "${APP_LOG_DIR}"
}
# 设置环境变量 JVMFLAGS
# 全局变量:
# JVMFLAGS
# 参数:
# $1 - value
zoo_export_jvmflags() {
app_export_jvmflags() {
local -r value="${1:?value is required}"
export JVMFLAGS="${JVMFLAGS} ${value}"
@@ -141,28 +125,24 @@ zoo_export_jvmflags() {
}
# 配置 HEAP 大小
# 全局变量:
# JVMFLAGS
# 参数:
# $1 - HEAP 大小
zoo_configure_heap_size() {
app_configure_heap_size() {
local -r heap_size="${1:?heap_size is required}"
if [[ "$JVMFLAGS" =~ -Xm[xs].*-Xm[xs] ]]; then
if [[ "${JVMFLAGS}" =~ -Xm[xs].*-Xm[xs] ]]; then
LOG_D "Using specified values (JVMFLAGS=${JVMFLAGS})"
else
LOG_D "Setting '-Xmx${heap_size}m -Xms${heap_size}m' heap options..."
zoo_export_jvmflags "-Xmx${heap_size}m -Xms${heap_size}m"
app_export_jvmflags "-Xmx${heap_size}m -Xms${heap_size}m"
fi
}
# 检测用户参数信息是否满足条件; 针对部分权限过于开放情况,打印提示信息
# 全局变量:
# ZOO_*
app_verify_minimum_env() {
local error_code=0
LOG_D "Validating settings in ZOO_* env vars..."
LOG_D "Validating settings in APP_* env vars..."
print_validation_error() {
LOG_E "$1"
@@ -199,7 +179,7 @@ app_wait_service() {
let i=1
if [[ -z "$(which nc)" ]]; then
LOG_E "Nedd nc installed before, command: apt-get install netcat."
LOG_E "Nedd nc installed before, command: \"apt-get install netcat\"."
exit 1
fi
@@ -229,8 +209,6 @@ app_wait_service() {
}
# 以后台方式启动应用服务,并等待启动就绪
# 全局变量:
# ZOO_*
app_start_server_bg() {
is_app_server_running && return
LOG_I "Starting ${APP_NAME} in background..."
@@ -258,8 +236,6 @@ app_start_server_bg() {
}
# 停止应用服务
# 全局变量:
# APP_*
app_stop_server() {
is_app_server_running || return
LOG_I "Stopping ${APP_NAME}..."
@@ -287,10 +263,6 @@ app_stop_server() {
}
# 检测应用服务是否在后台运行中
# 全局变量:
# ZOO_*
# 返回值:
# 布尔值
is_app_server_running() {
LOG_D "Check if ${APP_NAME} is running..."
local pid
@@ -310,8 +282,6 @@ app_clean_tmp_file() {
}
# 在重新启动容器时,删除标志文件及必须删除的临时文件 (容器重新启动)
# 全局变量:
# APP_*
app_clean_from_restart() {
LOG_D "Clean ${APP_NAME} tmp files for restart..."
local -r -a files=(
@@ -328,7 +298,7 @@ app_clean_from_restart() {
# 应用默认初始化操作
# 执行完毕后,生成文件 ${APP_CONF_DIR}/.app_init_flag 及 ${APP_DATA_DIR}/.data_init_flag 文件
docker_app_init() {
app_default_init() {
app_clean_from_restart
LOG_D "Check init status of ${APP_NAME}..."
@@ -361,7 +331,7 @@ docker_app_init() {
# 用户自定义的前置初始化操作,依次执行目录 preinitdb.d 中的初始化脚本
# 执行完毕后,生成文件 ${APP_DATA_DIR}/.custom_preinit_flag
docker_custom_preinit() {
app_custom_preinit() {
LOG_D "Check custom pre-init status of ${APP_NAME}..."
# 检测用户配置文件目录是否存在 preinitdb.d 文件夹,如果存在,尝试执行目录中的初始化脚本
@@ -372,7 +342,7 @@ docker_custom_preinit() {
LOG_I "Process custom pre-init scripts from /srv/conf/${APP_NAME}/preinitdb.d..."
# 检索所有可执行脚本,排序后执行
find "/srv/conf/${APP_NAME}/preinitdb.d/" -type f -regex ".*\.\(sh\)" | sort | docker_process_init_files
find "/srv/conf/${APP_NAME}/preinitdb.d/" -type f -regex ".*\.\(sh\)" | sort | process_init_files
touch ${APP_DATA_DIR}/.custom_preinit_flag
echo "$(date '+%Y-%m-%d %H:%M:%S') : Init success." >> ${APP_DATA_DIR}/.custom_preinit_flag
@@ -390,7 +360,7 @@ docker_custom_preinit() {
# 用户自定义的应用初始化操作,依次执行目录initdb.d中的初始化脚本
# 执行完毕后,生成文件 ${APP_DATA_DIR}/.custom_init_flag
docker_custom_init() {
app_custom_init() {
LOG_D "Check custom init status of ${APP_NAME}..."
# 检测用户配置文件目录是否存在 initdb.d 文件夹,如果存在,尝试执行目录中的初始化脚本
@@ -413,8 +383,8 @@ docker_custom_init() {
LOG_D "Sourcing $f"; . "$f"
fi
;;
*.sql) LOG_D "Executing $f"; postgresql_execute "$PG_DATABASE" "$PG_INITSCRIPTS_USERNAME" "$PG_INITSCRIPTS_PASSWORD" < "$f";;
*.sql.gz) LOG_D "Executing $f"; gunzip -c "$f" | postgresql_execute "$PG_DATABASE" "$PG_INITSCRIPTS_USERNAME" "$PG_INITSCRIPTS_PASSWORD";;
#*.sql) LOG_D "Executing $f"; postgresql_execute "$PG_DATABASE" "$PG_INITSCRIPTS_USERNAME" "$PG_INITSCRIPTS_PASSWORD" < "$f";;
#*.sql.gz) LOG_D "Executing $f"; gunzip -c "$f" | postgresql_execute "$PG_DATABASE" "$PG_INITSCRIPTS_USERNAME" "$PG_INITSCRIPTS_PASSWORD";;
*) LOG_D "Ignoring $f" ;;
esac
done
customer/usr/local/bin/entry.sh
Executable
+34
View File
@@ -0,0 +1,34 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 容器入口脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing entry.sh **"
if ! is_sourced; then
# 替换命令行中的变量
set -- $(eval echo "$@")
[ "${1:0:1}" = '-' ] && set -- "${APP_EXEC:-}" "$@"
print_image_welcome
print_command_help "$@"
if [ "$1" = "${APP_EXEC}" ] && is_root; then
/usr/local/bin/setup.sh
LOG_I "Restart with non-root user: ${APP_USER:-APP_NAME}\n"
exec gosu "${APP_USER:-APP_NAME}" "$0" "$@"
fi
LOG_I "Start container with command: $@"
exec tini -- "$@"
fi
customer/usr/local/bin/entrypoint.sh
-109
View File
@@ -1,109 +0,0 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 容器入口脚本
# 设置遇到执行错误则退出执行
set -o errexit
# 设置脚本遇到未初始化或声明的变量退出执行
set -o nounset
# 设置遇到管道命令失败则退出执行
set -o pipefail
# 设置调试信息输出,及命令在执行前先打印命令执行前的命令内容
# set -o xtrace
# 加载依赖脚本
#. /usr/local/scripts/liblog.sh # 日志输出函数库
#. /usr/local/scripts/libcommon.sh # 通用函数库
. /usr/local/bin/appcommon.sh # 应用专用函数库
LOG_D "Process entrypoint.sh..."
# 初始化环境变量。 docker_app_env()函数在文件 appcommon.sh 中定义
eval "$(docker_app_env)"
# 定义容器中使用的默认目录(未定义时设置默认值为空"")
APP_DIRS="${APP_CONF_DIR:-} ${APP_DATA_DIR:-} ${APP_LOG_DIR:-} ${APP_CERT_DIR:-} ${APP_DATA_LOG_DIR:-}"
# 打印镜像欢迎信息
docker_print_welcome
# 检测数据卷中相关目录,创建默认的关联目录,并拷贝所必须的默认配置文件及初始化文件
# 全局变量:
# APP_*
docker_ensure_dir_and_configs() {
_is_restart && return
local user_id; user_id="$(id -u)"
LOG_I "Check directories: ${APP_DIRS}"
for dir in ${APP_DIRS}; do
LOG_D " Check $dir"
ensure_dir_exists "$dir"
done
# 检测指定文件是否在配置文件存储目录存在,如果不存在则拷贝(新挂载数据卷、手动删除都会导致不存在)
LOG_I "Check config files in: ${APP_CONF_DIR}"
if [[ ! -z "$(ls -A "${APP_DEF_DIR}")" ]]; then
ensure_config_file_exist "${APP_DEF_DIR}" $(ls -A "${APP_DEF_DIR}")
fi
}
_main() {
# 替换命令行中的变量
set -- $(eval echo "$@")
# 如果命令行参数是以配置参数("-")开始,修改执行命令,确保使用可执行应用命令启动服务器
if [ "${1:0:1}" = '-' ]; then
set -- "${APP_EXEC}" "$@"
fi
# 命令行参数以可执行应用命令起始,且不包含直接返回的命令(如:-V、--version、--help)时,执行初始化操作
if [ "$1" = "${APP_EXEC}" ] && ! docker_command_help "$@"; then
# 检测启动容器时设置的环境变量是否有效
app_verify_minimum_env
# 检测应用需要使用的目录及配置文件是否存在
docker_ensure_dir_and_configs
# 以root用户运行时,会使用gosu重新以"APP_NAME"用户运行当前脚本
if _is_run_as_root; then
LOG_D "Change permissions when run as root"
# 以root用户启动时,修改相应目录的所属用户信息为 APP_NAME ,确保切换用户时,权限正常
for dir in ${APP_DIRS}; do
chmod 755 ${dir}
configure_permissions_ownership "$dir" -u "${APP_NAME}" -g "${APP_NAME}"
:
done
# 解决使用gosu后,nginx: [emerg] open() "/dev/stdout" failed (13: Permission denied)
LOG_D "Change permissions of stdout/stderr to 0622"
chmod 0622 /dev/stdout /dev/stderr
LOG_I ""
LOG_I "Restart container with default user: ${APP_NAME}"
LOG_I " command: $@"
export RESTART_FLAG=1
exec gosu "${APP_NAME}" "$0" "$@"
fi
# 执行应用预初始化操作
docker_custom_preinit
# 执行应用初始化操作
docker_app_init
# 执行用户自定义初始化脚本
docker_custom_init
fi
LOG_I "Start container with command: $@"
# 执行命令行。
exec "$@"
}
# 脚本入口命令
if ! _is_sourced; then
_main "$@"
fi
customer/usr/local/bin/init.sh
Executable
+25
View File
@@ -0,0 +1,25 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用初始化脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing init.sh **"
# 执行应用预初始化操作
app_custom_preinit
# 执行应用初始化操作
app_default_init
# 执行用户自定义初始化脚本
app_custom_init
LOG_I "** Processing init.sh finished! **"
customer/usr/local/bin/run.sh
Executable
+25
View File
@@ -0,0 +1,25 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用启动脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing run.sh **"
flags=("${APP_CONF_FILE:-}")
[[ -z "${APP_EXTRA_FLAGS:-}" ]] || flags=("${flags[@]}" "${APP_EXTRA_FLAGS[@]}")
START_COMMAND=("${APP_EXEC:-/bin/bash}" "${flags[@]}")
LOG_I "** Starting ${APP_NAME} **"
if is_root; then
exec gosu "${APP_USER:-APP_NAME}" tini -s -- "${START_COMMAND[@]}"
else
exec tini -s -- "${START_COMMAND[@]}"
fi
customer/usr/local/bin/setup.sh
Executable
+37
View File
@@ -0,0 +1,37 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 应用环境及依赖文件设置脚本
# 设置 shell 执行参数,可使用'-'(打开)'+'(关闭)控制。常用:
# -e: 命令执行错误则报错; -u: 变量未定义则报错; -x: 打印实际待执行的命令行; -o pipefail: 设置管道中命令遇到失败则报错
set -eu
set -o pipefail
. /usr/local/bin/appcommon.sh # 应用专用函数库
eval "$(app_env)"
LOG_I "** Processing setup.sh **"
APP_DIRS="${APP_CONF_DIR:-} ${APP_DATA_DIR:-} ${APP_LOG_DIR:-} ${APP_CERT_DIR:-} ${APP_DATA_LOG_DIR:-}"
for dir in ${APP_DIRS}; do
ensure_dir_exists ${dir}
done
app_verify_minimum_env
# 检测指定文件是否在配置文件存储目录存在,如果不存在则拷贝(新挂载数据卷、手动删除都会导致不存在)
LOG_I "Check config files in: ${APP_CONF_DIR}"
if [[ ! -z "$(ls -A "${APP_DEF_DIR}")" ]]; then
ensure_config_file_exist "${APP_DEF_DIR}" $(ls -A "${APP_DEF_DIR}")
fi
for dir in ${APP_DIRS}; do
configure_permissions_ownership "$dir" -u "${APP_USER}" -g "${APP_USER}"
done
# 解决使用gosu后,nginx: [emerg] open() "/dev/stdout" failed (13: Permission denied)
LOG_D "Change permissions of stdout/stderr to 0622"
chmod 0622 /dev/stdout /dev/stderr
LOG_I "** Processing setup.sh finished! **"
customer/usr/local/overrides/overrides-x.x.x.sh
+1
View File
@@ -1,4 +1,5 @@
#!/bin/bash -e
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 在安装完应用后,使用该脚本修改默认配置文件中部分配置项; 如果相应的配置项已经定义为容器环境变量,则不需要在这里修改
customer/usr/sbin/create_user
Executable
+9
View File
@@ -0,0 +1,9 @@
#!/bin/bash
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
groupadd --gid 998 --system builder
useradd --gid 998 --uid 999 --shell /bin/bash --home /srv/data --system builder
# 如果需要 sudo 权限,需要安装 su 软件包:apk add sudo
#sed -i -e 's/^\sDefaults\s*secure_path\s*=/# Defaults secure_path=/' /etc/sudoers
#echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
customer/usr/sbin/prepare_env
Executable
+8
View File
@@ -0,0 +1,8 @@
#!/bin/bash
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
APP_DIRS="${APP_DEF_DIR:-} ${APP_CONF_DIR:-} ${APP_DATA_DIR:-} ${APP_CACHE_DIR:-} ${APP_RUN_DIR:-} ${APP_LOG_DIR:-} ${APP_CERT_DIR:-} ${APP_HOME_DIR:-}"
mkdir -p ${APP_DIRS}
chown -Rf ${APP_USER}:${APP_USER} ${APP_DIRS};
prebuilds/etc/apt/sources/sources.list.aliyun
+9
View File
@@ -0,0 +1,9 @@
deb http://mirrors.aliyun.com/debian/ buster main non-free contrib
deb http://mirrors.aliyun.com/debian-security buster/updates main
deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib
deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
deb-src http://mirrors.aliyun.com/debian-security buster/updates main
deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib
deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib
deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
prebuilds/etc/apt/sources/sources.list.default
+6
View File
@@ -0,0 +1,6 @@
# deb http://snapshot.debian.org/archive/debian/20200607T000000Z buster main
deb http://deb.debian.org/debian buster main
# deb http://snapshot.debian.org/archive/debian-security/20200607T000000Z buster/updates main
deb http://security.debian.org/debian-security buster/updates main
# deb http://snapshot.debian.org/archive/debian/20200607T000000Z buster-updates main
deb http://deb.debian.org/debian buster-updates main
prebuilds/etc/apt/sources/sources.list.huawei
+9
View File
@@ -0,0 +1,9 @@
deb http://mirrors.huaweicloud.com/debian/ buster main contrib non-free
deb http://mirrors.huaweicloud.com/debian/ buster-updates main contrib non-free
deb http://mirrors.huaweicloud.com/debian/ buster-backports main contrib non-free
deb http://mirrors.huaweicloud.com/debian-security/ buster/updates main contrib non-free
deb-src http://mirrors.huaweicloud.com/debian/ buster main contrib non-free
deb-src http://mirrors.huaweicloud.com/debian/ buster-updates main contrib non-free
deb-src http://mirrors.huaweicloud.com/debian/ buster-backports main contrib non-free
prebuilds/etc/apt/sources/sources.list.tencent
+10
View File
@@ -0,0 +1,10 @@
deb http://mirrors.cloud.tencent.com/debian/ buster main non-free contrib
deb http://mirrors.cloud.tencent.com/debian-security buster/updates main
deb http://mirrors.cloud.tencent.com/debian/ buster-updates main non-free contrib
deb http://mirrors.cloud.tencent.com/debian/ buster-backports main non-free contrib
deb-src http://mirrors.cloud.tencent.com/debian-security buster/updates main
deb-src http://mirrors.cloud.tencent.com/debian/ buster main non-free contrib
deb-src http://mirrors.cloud.tencent.com/debian/ buster-updates main non-free contrib
deb-src http://mirrors.cloud.tencent.com/debian/ buster-backports main non-free contrib
prebuilds/etc/apt/sources/sources.list.ustc
+10
View File
@@ -0,0 +1,10 @@
deb http://mirrors.ustc.edu.cn/debian/ buster main contrib non-free
deb http://mirrors.ustc.edu.cn/debian/ buster-updates main contrib non-free
deb http://mirrors.ustc.edu.cn/debian/ buster-backports main contrib non-free
deb http://mirrors.ustc.edu.cn/debian-security/ buster/updates main contrib non-free
deb-src http://mirrors.ustc.edu.cn/debian/ buster main contrib non-free
deb-src http://mirrors.ustc.edu.cn/debian/ buster-updates main contrib non-free
deb-src http://mirrors.ustc.edu.cn/debian/ buster-backports main contrib non-free
deb-src http://mirrors.ustc.edu.cn/debian-security/ buster/updates main contrib non-free
prebuilds/usr/local/scripts/libcommon.sh
+47 -82
View File
@@ -1,10 +1,7 @@
#!/bin/bash
# Ver: 1.2 by Endial Fang (endial@126.com)
# Ver: 1.3 by Endial Fang (endial@126.com)
#
# shellcheck disable=SC1091
BOLD='\033[1m'
# 通用函数库
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
@@ -12,87 +9,38 @@ BOLD='\033[1m'
# 函数列表
# 打印包含包含Logo的欢迎信息
# 全局变量:
# APP_NAME
print_image_welcome_page() {
_is_restart && return
local github_url="https://github.com/colovu/docker-${APP_NAME}"
# LOG_I ""
# LOG_I " ######## ######## ### ######## ### ## ### ##"
# LOG_I " ### ## ### ## ### ### ## ### ## ### ##"
# LOG_I " ### ### ## ### ### ## ### ## ### ##"
# LOG_I " ### ### ## ### ### ## ### ## ### ##"
# LOG_I " ### ### ## ### ### ## ### ## ### ##"
# LOG_I " ### ## ### ## ### ### ## #### ### ##"
# LOG_I "######## ######## ######## ######## ## ########"
# LOG_I ""
# LOG_I "Welcome to the ${BOLD}${APP_NAME}${RESET} container"
# LOG_I "Project on Github: ${BOLD}${github_url}${RESET}"
# LOG_I "Send us your feedback at ${BOLD}endial@126.com${RESET}"
# LOG_I ""
print_welcome_info() {
[[ -n "${APP_NAME}" ]] && github_url="/docker-${APP_NAME}"
LOG_I ' ____ _ '
LOG_I ' / ___|___ | | _____ ___ _ '
LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME}${RESET}"
LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION}${RESET}"
LOG_I '| | / _ \| |/ _ \ \ / / | | | '"Docker : ${BOLD}${APP_NAME:-undefined}${RESET}"
LOG_I '| |__| (_) | | (_) \ V /| |_| | '"Version: ${BOLD}${APP_VERSION:-0.0}${RESET}"
LOG_I ' \____\___/|_|\___/ \_/ \__,_| '"PowerBy: ${BOLD}Endial@126.com${RESET}"
LOG_D " Project Repo: ${github_url}"
LOG_D " Project Repo: https://github.com/colovu/${github_url:-}"
LOG_I ""
}
# 根据需要打印欢迎信息
# 全局变量:
# ENV_DISABLE_WELCOME_MESSAGE
# APP_NAME
docker_print_welcome() {
if [[ -z "${ENV_DISABLE_WELCOME_MESSAGE:-}" ]]; then
if [[ -n "$APP_NAME" ]]; then
print_image_welcome_page
fi
print_image_welcome() {
if [[ "$(id -u)" = "0" ]]; then
print_welcome_info
fi
}
# 检测可能导致容器执行后直接退出的命令,如"--help";如果存在,直接返回 0
# 参数:
# $1 - 待检测的参数表
docker_command_help() {
print_command_help() {
local arg
for arg; do
case "$arg" in
-'?'|--help|-V|--version)
return 0
exec "${APP_EXEC:-/bin/bash}" "${arg}"
exit
;;
esac
done
return 1
}
# 根据脚本扩展名及权限,执行相应的初始化脚本
# 参数:
# $1 - 文件列表,支持路径通配符
# 使用:
# docker_process_init_files [file [file [...]]]
# 例子:
# docker_process_init_files /src/conf/${APP_NAME}/initdb.d/*
docker_process_init_files() {
echo
local f
for f; do
case "$f" in
*.sh)
if [ -x "$f" ]; then
LOG_I "$0: running $f"
"$f"
else
LOG_I "$0: sourcing $f"
. "$f"
fi
;;
*) LOG_W "$0: ignoring $f" ;;
esac
echo
done
}
# 检测应用相应的配置文件是否存在,如果不存在,则从默认配置文件目录拷贝一份
@@ -125,30 +73,47 @@ ensure_config_file_exist() {
done
}
# 检测当前用户是否为 root
# 返回值:
# 布尔值
_is_run_as_root() {
if [[ "$(id -u)" = "0" ]]; then
LOG_D "Check if run as root: Yes"
true
else
LOG_D "Check if run as root: No (ID $(id -u))"
false
fi
# 根据脚本扩展名及权限,执行相应的初始化脚本
# 参数:
# $1 - 文件列表,支持路径通配符
# 使用:
# process_init_files [file [file [...]]]
# 例子:
# process_init_files /src/conf/${APP_NAME}/initdb.d/*
process_init_files() {
echo
local f
for f; do
case "$f" in
*.sh)
if [ -x "$f" ]; then
LOG_I "$0: running $f"
"$f"
else
LOG_I "$0: sourcing $f"
. "$f"
fi
;;
*) LOG_W "$0: ignoring $f" ;;
esac
echo
done
}
_is_restart() {
if [ x"${RESTART_FLAG:-}" = "x" ]; then
false
else
# 检测当前是否为 root 用户
is_root() {
if [[ "$(id -u)" = "0" ]]; then
LOG_D "Run as root."
true
else
LOG_D "Run as non-root: $(id -u)"
false
fi
}
# 检测当前脚本是被直接执行的,还是从其他脚本中使用 "source" 调用的
_is_sourced() {
is_sourced() {
[ "${#FUNCNAME[@]}" -ge 2 ] \
&& [ "${FUNCNAME[0]}" = '_is_sourced' ] \
&& [ "${FUNCNAME[0]}" = 'is_sourced' ] \
&& [ "${FUNCNAME[1]}" = 'source' ]
}
prebuilds/usr/local/scripts/libdownload.sh
-97
View File
@@ -1,97 +0,0 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 从服务器(列表)下载相应软件包
# Constants
#CV_BASE="http://archive.colovu.com/dist-files/"
#CV_BASE="http://10.37.129.2/dist-files/"
CV_BASE=""
# 检测软件包签名是否正确
# 参数:
# $1 - 软件包签名文件
# $2 - 软件包文件
# $3 - PGPKEY
check_pgp() {
local name_asc=${1:?missing asc file name}
local name=${2:?missing file name}
local keys="${3:?missing key id}"
GNUPGHOME="$(mktemp -d)"
for key in $keys; do
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "${key}" ||
gpg --batch --keyserver pgp.mit.edu --recv-keys "${key}" ||
gpg --batch --keyserver keys.gnupg.net --recv-keys "${key}" ||
gpg --batch --keyserver keyserver.pgp.com --recv-keys "${key}";
done
gpg --batch --verify "$name_asc" "$name"
command -v gpgconf > /dev/null && gpgconf --kill all
rm -rf "$GNUPGHOME" "$name_asc"
}
# 从私有服务器下载软件包,如果不存在,则从官网服务器下载
# 参数:
# $1 - 软件包全名(字符串)
# $2 - 官网路径(字符串)
# $3 - "-c"/"--checksum"
# $4 - 软件包SHA256值
# $3 - "-g"/"--pgpkey"
# $4 - 用于软件包签名的KEY ID
# 例子:
# . /usr/local/scripts/libdownload.sh && download_dist "java" "11.0.7-0" --checksum 02a1fc9b79b11617ad39221667f6a34209f5c45ca908268f8ba6c264a2577ee2
download_dist() {
local name="${1:?name is required}"
local base_urls="${2:?url is required}"
local package_sha256=""
local pgp_key=""
local success=""
# 获取SHA256或PGP KEY
shift 2
while [ "$#" -gt 0 ]; do
case "$1" in
-c|--checksum)
shift
package_sha256="${1:?missing package checksum}"
;;
-g|--pgpkey)
shift
pgp_key="${1:?missing package PGP key}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
echo "Downloading $name package"
for url in $CV_BASE $base_urls; do
if wget -O "$name" "$url$name" && [ -s "$name" ]; then
if [ -n "$pgp_key" ]; then
wget -O "$name.asc" "$url$name.asc"
if [ ! -e "$name.asc" ]; then
wget -O "$name.asc" "$url$name.sig"
fi
fi
success=1
break
fi
done
if [ -n "$success" ]; then
if [ -n "$package_sha256" ]; then
echo "Verifying package whith sha256"
echo "$package_sha256 *${name}" | sha256sum --check -
fi
if [ -n "$pgp_key" ]; then
echo "Verifying package with PGP"
check_pgp "$name.asc" "$name" "$pgp_key"
fi
else
[ -n "$success" ]
fi
}
prebuilds/usr/local/scripts/libfs.sh
+5 -18
View File
@@ -8,36 +8,23 @@
# 函数列表
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
ensure_owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
chown "$owner":"$owner" "$path"
}
# 检测目录是否存在,如果不存在则创建,同时修改为指定的用户
# Arguments:
# $1 - directory
# $2 - owner
# 参数:
# $1 - 目录路径
# $2 - 用户
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner="${2:-}"
mkdir -p "${dir}"
if [[ -n $owner ]]; then
ensure_owned_by "$dir" "$owner"
chown "$owner":"$owner" "$dir"
fi
}
# 检测目录是否存在或为空
# 参数:
# $1 - 目录路径
# 返回值:
# 布尔值
is_dir_empty() {
local dir="${1:?missing directory}"
@@ -117,4 +104,4 @@ configure_permissions_ownership() {
LOG_E "$p does not exist"
fi
done
}
}
prebuilds/usr/local/scripts/liblog.sh
+38 -23
View File
@@ -1,31 +1,47 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 日志处理函数库
# Ver: 1.1 by Endial Fang (endial@126.com)
#[[ ${ENV_DEBUG:-false} = true ]] && set -x
MODULE="$(basename "$0")"
# 定义颜色信息
RESET='\033[0m'
RED='\033[31;1m'
GREEN='\033[32;2m'
YELLOW='\033[33;1m'
MAGENTA='\033[36;2m'
CYAN='\033[35;2m'
BLUE='\033[34;2m'
BOLD='\033[1m'
# 前景色
BLACK='\033[38;5;0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
BLUE='\033[38;5;4m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
WHITE='\033[38;5;7m'
# 背景色
ON_BLACK='\033[48;5;0m'
ON_RED='\033[48;5;1m'
ON_GREEN='\033[48;5;2m'
ON_YELLOW='\033[48;5;3m'
ON_BLUE='\033[48;5;4m'
ON_MAGENTA='\033[48;5;5m'
ON_CYAN='\033[48;5;6m'
ON_WHITE='\033[48;5;7m'
# 函数列表
# 打印输出到 STDERR 设备
stderr_print() {
printf "%b\\n" "${*}" >&2
}
# 输出实际日志信息
# 参数:
# $1 - 日志类型
# $2 - 日志信息
LOG_RAW() {
local type="$1"; shift
case "${type}" in
x) printf "${CYAN}${APP_NAME:-} ${MAGENTA}%s ${RESET}${BLUE}DEBUG${RESET} %b\n" "$(date "+%T.%2N")" "${*}" ;;
I) printf "${CYAN}${APP_NAME:-} ${MAGENTA}%s ${RESET}${GREEN}INFO ${RESET} %b\n" "$(date "+%T.%2N")" "${*}";;
W) printf "${CYAN}${APP_NAME:-} ${MAGENTA}%s ${RESET}${YELLOW}WARN ${RESET} %b\n" "$(date "+%T.%2N")" "${*}";;
E) printf "${CYAN}${APP_NAME:-} ${MAGENTA}%s ${RESET}${RED}ERROR${RESET} %b\n" "$(date "+%T.%2N")" "${*}";;
esac
LOG() {
#stderr_print "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}"
printf "${ENV_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}%s}${RESET} %b\n" "$(date "+%T")" "${*}"
}
# 输出调试类日志信息,尽量少使用
@@ -36,7 +52,7 @@ LOG_D() {
local -r bool="${ENV_DEBUG:-false}"
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
LOG_RAW x "$@"
LOG "${BLUE}DBG${RESET}: ${*}"
fi
}
@@ -45,8 +61,7 @@ LOG_D() {
# $1 - 日志类型
# $2 - 日志信息
LOG_I() {
shopt -s nocasematch
LOG_RAW I "$@"
LOG "${GREEN}INF${RESET}: ${*}"
}
# 输出警告类日志信息至sterr
@@ -54,7 +69,7 @@ LOG_I() {
# $1 - 日志类型
# $2 - 日志信息
LOG_W() {
LOG_RAW W "$@" >&2
LOG "${YELLOW}WRN${RESET}: ${*}"
}
# 输出错误类日志信息至sterr,并退出脚本
@@ -62,5 +77,5 @@ LOG_W() {
# $1 - 日志类型
# $2 - 日志信息
LOG_E() {
LOG_RAW E "$@" >&2
LOG "${RED}ERR${RESET}: ${*}"
}
prebuilds/usr/local/scripts/libnet.sh
-120
View File
@@ -1,120 +0,0 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# 网络管理函数库
# shellcheck disable=SC1091
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
# 函数列表
# 解析主机名为 IP
# 参数:
# $1 - 待解析的主机名
# 返回值:
# IP 地址
#########################
dns_lookup() {
local host="${1:?host is missing}"
getent ahosts "$host" | awk '/STREAM/ {print $1 }'
}
# 等待主机名解析,并返回 IP
# 参数:
# $1 - 主机名
# $2 - 重试次数
# $3 - 重试间隔(秒)
# 返回值:
# - IP 地址
wait_for_dns_lookup() {
local hostname="${1:?hostname is missing}"
local retries="${2:-5}"
local seconds="${3:-1}"
check_host() {
if [[ $(dns_lookup "$hostname") == "" ]]; then
false
else
true
fi
}
# Wait for the host to be ready
retry_while "check_host ${hostname}" "$retries" "$seconds"
dns_lookup "$hostname"
}
# 获取机器的 IP
# 返回值:
# - IP 地址
get_machine_ip() {
dns_lookup "$(hostname)"
}
# 检测提供的参数是否为可解析地址的主机名
# 参数:
# $1 - 待检测值
# 返回值:
# 布尔值
is_hostname_resolved() {
local -r host="${1:?missing value}"
if [[ -n "$(dns_lookup "$host")" ]]; then
true
else
false
fi
}
# 解析 URL
# 参数:
# $1 - URI 字符串
# $2 - 待解析参数字符串。有效值 (scheme, authority, userinfo, host, port, path, query or fragment)
# 返回值:
# 字符串
parse_uri() {
local uri="${1:?uri is missing}"
local component="${2:?component is missing}"
# Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with
# additional sub-expressions to split authority into userinfo, host and port
# Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969)
local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?'
# || | ||| | | | | | | | | |
# |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment
# 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #...
# | 4 authority
# 3 //...
local index=0
case "$component" in
scheme)
index=2
;;
authority)
index=4
;;
userinfo)
index=6
;;
host)
index=7
;;
port)
index=9
;;
path)
index=10
;;
query)
index=13
;;
fragment)
index=14
;;
*)
stderr_print "unrecognized component $component"
return 1
;;
esac
[[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}"
}
prebuilds/usr/local/scripts/libos.sh
+5 -55
View File
@@ -1,10 +1,8 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
# Ver: 1.2 by Endial Fang (endial@126.com)
#
# 操作系统控制函数库
# shellcheck disable=SC1091
# 加载依赖项
. /usr/local/scripts/liblog.sh # 日志输出函数库
@@ -13,8 +11,6 @@
# 检测指定用户账户是否存在
# 参数:
# $1 - 用户账户
# 返回值:
# 布尔值
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
@@ -23,55 +19,19 @@ user_exists() {
# 检测指定用户分组是否存在
# 参数:
# $1 - 用户组
# 返回值:
# 布尔值
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
# 确保用户组存在,如果不存在则创建相应用户组
# 参数:
# $1 - 用户组
ensure_group_exists() {
local group="${1:?group is missing}"
if ! group_exists "$group"; then
groupadd "$group" >/dev/null 2>&1
fi
}
# 确保用户组及用户账户存在,如果不存在则创建相应用户组及账户
# 参数:
# $1 - 用户
# $2 - 用户组
ensure_user_exists() {
local user="${1:?user is missing}"
local group="${2:-}"
if ! user_exists "$user"; then
useradd "$user" >/dev/null 2>&1
fi
if [[ -n "$group" ]]; then
ensure_group_exists "$group"
fi
usermod -a -G "$group" "$user" >/dev/null 2>&1
}
# 获取系统可用内存
# 返回值:
# 内存大小(MB)
# 获取系统可用内存大小(MB)信息
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
# 获取以定量方式描述的内存大小
# 参数:
# $1 - 内存大小 (可选)
# 返回值:
# 基于定量内存大小的内存大小描述
# $1 - 内存大小 (MB可选)
get_machine_size() {
local memory="${1:-}"
if [[ -z "$memory" ]]; then
@@ -95,8 +55,6 @@ get_machine_size() {
}
# 获取已定义的所有内存大小描述
# 返回值:
# 内存大小描述
get_supported_machine_sizes() {
echo micro small medium large xlarge 2xlarge
}
@@ -104,8 +62,6 @@ get_supported_machine_sizes() {
# 将以字符串表示的内存大小转换为以MB为单位的内存大小值 (i.e. 2G -> 2048)
# 参数:
# $1 - 内存大小
# 返回值:
# 内存大小值(以MB为单位)
convert_to_mb() {
local amount="${1:-}"
if [[ $amount =~ ^([0-9]+)(M|G) ]]; then
@@ -121,17 +77,15 @@ convert_to_mb() {
}
# 如果禁用调试模式,将输出信息重定向至 /dev/null
# 全局变量:
# ENV_DEBUG
# 参数:
# $@ - 待执行的命令
debug_execute() {
local -r bool="${ENV_DEBUG:-false}"
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
"$@" >/dev/null 2>&1
else
"$@"
else
"$@" >/dev/null 2>&1
fi
}
@@ -140,8 +94,6 @@ debug_execute() {
# $1 - cmd (as a string)
# $2 - 最大尝试次数. Default: 12
# $3 - 重试前等待时间(秒). Default: 5
# 返回值:
# 布尔值
retry_while() {
local -r cmd="${1:?cmd is missing}"
local -r retries="${2:-12}"
@@ -155,5 +107,3 @@ retry_while() {
done
return $return_value
}
prebuilds/usr/local/scripts/libservice.sh
+17 -62
View File
@@ -12,9 +12,7 @@
# 获取并返回服务 PID
# 参数:
# $1 - PID 文件
# 返回值:
# PID
# $1 - PID 文件
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
@@ -28,8 +26,6 @@ get_pid_from_file() {
# 检测 PID 对应的服务是否在运行中
# 参数:
# $1 - PID
# 返回值:
# Boolean
is_service_running() {
local pid="${1:?pid is missing}"
@@ -61,54 +57,13 @@ stop_service_using_pid() {
done
}
# 为指定的服务生成一个监控配置文件
# Arguments:
# $1 - 服务名
# $2 - PID 文件
# $3 - 启动命令
# $4 - 停止命令
# Flags:
# --disabled - Whether to disable the monit configuration
generate_monit_conf() {
local service_name="${1:?service name is missing}"
local pid_file="${2:?pid file is missing}"
local start_command="${3:?start command is missing}"
local stop_command="${4:?stop command is missing}"
local monit_conf_dir="/etc/monit/conf.d"
local disabled="no"
# Parse optional CLI flags
shift 4
while [[ "$#" -gt 0 ]]; do
case "$1" in
--disabled)
shift
disabled="$1"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
is_boolean_yes "$disabled" && conf_suffix=".disabled"
mkdir -p "$monit_conf_dir"
cat >"${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <<EOF
check process ${service_name}
with pidfile "${pid_file}"
start program = "${start_command}" with timeout 90 seconds
stop program = "${stop_command}" with timeout 90 seconds
EOF
}
# 生成一个 Logrotate 配置文件
# Arguments:
# $1 - 日志路径
# $2 - Period
# $3 - Rotations 存储的数量
# $4 - 其他参数 (可选)
# 参数:
# $1 - 应用名称
# $2 - 日志路径及日志文件名
# $3 - 周期
# $4 - Rotations 存储的数量
# $5 - 其他参数 (可选)
generate_logrotate_conf() {
local service_name="${1:?service name is missing}"
local log_path="${2:?log path is missing}"
@@ -118,15 +73,15 @@ generate_logrotate_conf() {
local logrotate_conf_dir="/etc/logrotate.d"
mkdir -p "$logrotate_conf_dir"
cat >"${logrotate_conf_dir}/${service_name}" <<EOF
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
${extra_options}
}
cat >"${logrotate_conf_dir}/${service_name}" <<-'EOF'
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
${extra_options}
}
EOF
}
prebuilds/usr/local/scripts/libvalidations.sh
+13 -29
View File
@@ -11,8 +11,6 @@
# 检测数据是否为整数
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
@@ -25,8 +23,6 @@ is_int() {
# 检测数据是否为正整数
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
@@ -39,8 +35,6 @@ is_positive_int() {
# 检测数据是否为布尔值 '1' 或字符串 'yes/true'
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
@@ -55,8 +49,6 @@ is_boolean_yes() {
# 检测数据是否为字符串 'yes/no'
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
@@ -69,8 +61,6 @@ is_yes_no_value() {
# 检测数据是否为字符串 'true/false'
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
@@ -83,8 +73,6 @@ is_true_false_value() {
# 检测提供的参数是否为空字符串或未定义
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
@@ -114,7 +102,7 @@ validate_port() {
break
;;
-*)
stderr_print "unrecognized flag $1"
LOG_E "unrecognized flag $1"
return 1
;;
*)
@@ -125,30 +113,30 @@ validate_port() {
done
if [[ "$#" -gt 1 ]]; then
echo "too many arguments provided"
LOG_E "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
stderr_print "missing port argument"
LOG_E "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
echo "the value is empty"
LOG_E "the value is empty"
return 1
else
if ! is_int "$value"; then
echo "value is not an integer"
LOG_W "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
echo "negative value provided"
LOG_W "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
echo "requested port is greater than 65535"
LOG_W "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
echo "privileged port requested"
LOG_W "privileged port requested"
return 3
fi
fi
@@ -157,8 +145,6 @@ validate_port() {
# 检测数据是否为有效的IPv4地址
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
@@ -175,8 +161,6 @@ validate_ipv4() {
# 校验字符串格式
# 参数:
# $1 - 待检测的数据
# 返回值:
# 布尔值
validate_string() {
local string
local min_length=-1
@@ -198,7 +182,7 @@ validate_string() {
break
;;
-*)
stderr_print "unrecognized flag $1"
LOG_E "unrecognized flag $1"
return 1
;;
*)
@@ -209,21 +193,21 @@ validate_string() {
done
if [ "$#" -gt 1 ]; then
stderr_print "too many arguments provided"
LOG_E "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
stderr_print "missing string"
LOG_W "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
echo "string length is less than $min_length"
LOG_I "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
echo "string length is great than $max_length"
LOG_I "string length is great than $max_length"
return 1
fi
}
prebuilds/usr/sbin/download_pkg
Executable
+160
View File
@@ -0,0 +1,160 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
. /usr/local/scripts/liblog.sh
print_usage() {
LOG "Usage: download_pkg <COMMAND> <PACKAGE-NAME> \"<URLS>\" [OPTIONS]"
LOG ""
LOG "Download and install Third-Part packages"
LOG ""
LOG "Commands:"
LOG " install Download and install a package."
LOG " unpack Download and unpack a package."
LOG ""
LOG "Options:"
LOG " -g, --checkpgp Package release bucket."
LOG " -s, --checksum SHA256 verification checksum."
LOG " -h, --help Show this help message and exit."
LOG ""
LOG "PACKAGE-NAME: Name with extern name"
LOG "URLS: String with URL list"
LOG ""
LOG "Examples:"
LOG " - Unpack package"
LOG " \$ download_pkg unpack redis-5.0.8.tar.gz \"http://download.redis.io/releases/\""
LOG ""
LOG " - Verify and Install package"
LOG " \$ download_pkg install redis-5.0.8.tar.gz \"http://download.redis.io/releases/\" --checksum 42cf86a114d2a451b898fcda96acd4d01062a7dbaaad2801d9164a36f898f596"
LOG ""
}
check_pgp() {
local name_asc=${1:?missing asc file name}
local name=${2:?missing file name}
local keys="${3:?missing key id}"
GNUPGHOME="$(mktemp -d)"
if which gpg >/dev/null 2>&1; then
for key in $keys; do
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "${key}" ||
gpg --batch --keyserver pgp.mit.edu --recv-keys "${key}" ||
gpg --batch --keyserver keys.gnupg.net --recv-keys "${key}" ||
gpg --batch --keyserver keyserver.pgp.com --recv-keys "${key}";
done
gpg --batch --verify "$name_asc" "$name"
command -v gpgconf > /dev/null && gpgconf --kill all
fi
}
# 获取并解析参数
ARGS=$(getopt -o g:s:h -l "checkpgp:,checksum:,help" -n "download-pkg" -- "$@")
if [ $? -ne 0 ];
then
exit 1
fi
eval set -- "$ARGS";
while true; do
case "$1" in
-g|--checkpgp)
shift
if [ -n "$1" ]; then
PACKAGE_KEYS=$1
shift
fi
;;
-s|--checksum)
shift
if [ -n "$1" ]; then
PACKAGE_SHA256=$1
shift
fi
;;
-h|--help)
print_usage
exit 0
;;
--)
shift
break
;;
esac
done
# 检测输入的命令是否合法
case "$1" in
install|unpack) ;;
*)
error "Unrecognized command: $1"
print_usage
exit 1
;;
esac
# 检测输入参数是否足够,需要至少提供软件包名称 及 下载路径
if [ $# -lt 3 ]; then
print_usage
exit 1
fi
INSTALL_ROOT=/usr/local
CACHE_ROOT=/tmp
PACKAGE="$2"
PACKAGE_URLS=$3
cd $INSTALL_ROOT
LOG_I "Downloading $PACKAGE package"
for url in $PACKAGE_URLS; do
LOG_D "Try $url/$PACKAGE"
if wget -O "$CACHE_ROOT/$PACKAGE" "$url/$PACKAGE" && [ -s "$CACHE_ROOT/$PACKAGE" ]; then
if [ -n "$PACKAGE_KEYS" ]; then
wget -O "$CACHE_ROOT/$PACKAGE.asc" "$url/$PACKAGE.asc"
if [ ! -e "$CACHE_ROOT/$PACKAGE.asc" ]; then
wget -O "$CACHE_ROOT/$PACKAGE.asc" "$url/$PACKAGE.sig"
fi
fi
success=1
break
fi
done
if [ "$PACKAGE_SHA256" ]; then
LOG_I "Verifying package integrity"
echo "$PACKAGE_SHA256 *$CACHE_ROOT/$PACKAGE" | sha256sum -c -
fi
if [ -e "$CACHE_ROOT/$PACKAGE.asc" ]; then
LOG_I "Verifying package with PGP"
check_pgp "$CACHE_ROOT/$PACKAGE.asc" "$CACHE_ROOT/$PACKAGE" "$PACKAGE_KEYS"
fi
# If the tarball has too many files, it can trigger a bug
# in overlayfs when using tar. Install bsdtar in the container image
# to workaround it. As the overhead is too big (~40 MB), it is not added by
# default. Source: https://github.com/coreos/bugs/issues/1095
# 安装或解压软件
case "$1" in
install)
LOG_I "Installing $PACKAGE"
cp $CACHE_ROOT/$PACKAGE /usr/local/bin/
;;
unpack)
if ! tar tzf $CACHE_ROOT/$PACKAGE >/dev/null 2>&1; then
LOG_E "Invalid or corrupt '$PACKAGE' package."
exit 1
fi
LOG_I "Unpacking $PACKAGE"
if which bsdtar >/dev/null 2>&1; then
bsdtar -xf $CACHE_ROOT/$PACKAGE
else
tar xzf $CACHE_ROOT/$PACKAGE --no-same-owner
fi
;;
esac
prebuilds/usr/sbin/install_pkg
Executable
+58
View File
@@ -0,0 +1,58 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
print_usage() {
echo "Usage: install_pkg <PACKAGE-NAME>"
echo ""
echo "Download and install packages"
echo ""
echo "Options:"
echo " -h, --help Show this help message and exit."
echo ""
echo "Examples:"
echo " - Unpack package"
echo " \$ install_pkg bash curl"
echo ""
}
if [ $# -lt 1 ]; then
print_usage
exit 1
fi
case "$1" in
-h|--help)
print_usage
exit 0
;;
esac
retry=0
max=2
until [ $retry -gt $max ]; do
set +e
(
export DEBIAN_FRONTEND=noninteractive &&
apt-get update &&
apt-get upgrade -y &&
apt-get install -y --no-install-recommends "$@"
)
CODE=$?
set -e
if [ $CODE -eq 0 ]; then
break
fi
if [ $retry -eq $max ]; then
exit $CODE
fi
echo "apt failed, retrying"
retry=$(($retry + 1))
done
apt-get purge -y --auto-remove
apt-get autoclean -y
rm -r /var/lib/apt/lists /var/cache/apt/archives || :
prebuilds/usr/sbin/select_source
Executable
+6
View File
@@ -0,0 +1,6 @@
#!/bin/bash
# Ver: 1.0 by Endial Fang (endial@126.com)
#
# shell 执行参数,分别为 -e(命令执行错误则退出脚本) -u(变量未定义则报错) -x(打印实际待执行的命令行)
set -eux
cp /etc/apt/sources/sources.list.${1:-default} /etc/apt/sources.list