Gitiles
Code Review Sign In
www.giggi.me / tod / b77f7023a9e91d60a94b1afee960c707d7c388c2 / . / module / compose / scheme.sh
blob: 8c5370ef3d0e2b94dad4b5cc7269aecf413f5852 [file] [log] [blame]
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]1#!/bin/bash
2#
3# generate a new docker-compose.yml
4#
5# Copyright 2019 Luigi Santivetti <luigi.santivetti@gmail.com>
6
7# Permission is hereby granted, free of charge, to any person obtaining a
8# copy of this software and associated documentation files (the "Software"),
9# to deal in the Software without restriction, including without limitation
10# the rights to use, copy, modify, merge, publish, distribute, sublicense,
11# and/or sell copies of the Software, and to permit persons to whom the
12# Software is furnished to do so, subject to the following conditions:
13
14# The above copyright notice and this permission notice (including the next
15# paragraph) shall be included in all copies or substantial portions of the
16# Software.
17
18# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21# ITS SUPPLIERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
22# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
23# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24
25if [ "${_APACHE_HAS_MEDIA_}" -eq 1 ]; then
26 declare -r compose_has_mount_media="\
27 - ${_APACHE_HTML_PHOTOS_D_}:/var/www/html/photos
28 - ${_APACHE_HTML_VIDEOS_D_}:/var/www/html/videos"
Luigi Santivettiaf512c82020-10-31 10:53:12 +0000[diff] [blame]29 declare -r compose_openssh_has_mount_media="\
30 - ${_APACHE_HTML_PHOTOS_D_}:${_APACHE_HTML_PHOTOS_D_}
31 - ${_APACHE_HTML_VIDEOS_D_}:${_APACHE_HTML_VIDEOS_D_}"
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]32else
33 declare -r compose_has_mount_media=""
Luigi Santivettiaf512c82020-10-31 10:53:12 +0000[diff] [blame]34 declare -r compose_openssh_has_mount_media=""
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]35fi
36
37if [ "${_GERRIT_HAS_HTTPS_}" -eq 1 ]; then
38 declare -r compose_has_secure_store="\
39 - ${_GERRIT_DKRC_KEYSTORE_F_}:${_GERRIT_KEYSTORE_}:ro
40 - ${_GERRIT_DKRC_SSLIB_F_}:${_GERRIT_SSLIB_}"
41else
42 declare -r compose_has_secure_store=""
43fi
44
45declare -r docker_compose_t="\
46version: '${_COMPOSE_API_VERSION_}'
47networks:
48 frontend:
49 driver: bridge
50 ipam:
51 config:
52 - subnet: ${_COMPOSE_SUBNET_FRONTEND_IP_}/${_COMPOSE_SUBNET_BIT_}
53 backend:
54 driver: bridge
55 ipam:
56 config:
57 - subnet: ${_COMPOSE_SUBNET_BACKEND_IP_}/${_COMPOSE_SUBNET_BIT_}
58services:
59 ${_GERRIT_DKRC_SERVICE_}:
60 image: ${_GERRIT_DKRC_IMAGE_}
61 build:
62 context: ${_GERRIT_DKRC_CONTEXT_}
63 dockerfile: ${_GERRIT_DKRC_DOCKERFILE_}
64 container_name: ${_GERRIT_DKRC_CONTAINER_}
65 expose:
66 - \"${_GERRIT_PROXY_PORT_}\"
67 - \"${_GERRIT_SSH_PORT_}\"
68 ports:
69 - \"${_COMPOSE_HOST_SSH_PORT_}:${_GERRIT_SSH_PORT_}\"
70 volumes:
71 - ${_GERRIT_DKRC_ROOTFS_}/index:/var/gerrit/index
72 - ${_GERRIT_DKRC_ROOTFS_}/cache:/var/gerrit/cache
73 - ${_GERRIT_DKRC_ROOTFS_}/git:/var/gerrit/git
Luigi Santivetti5ed1dae2020-10-31 11:14:37 +0000[diff] [blame]74 - ${_GERRIT_DKRC_HOOKS_D_}:${_GERRIT_HOOKS_CON_D_}
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]75 - ${_GERRIT_DKRC_ETC_D_}:/var/gerrit/etc
Luigi Santivetti1b31e502020-10-28 18:07:39 +0000[diff] [blame]76 - ${_GERRIT_LOGS_D_}:/var/gerrit/logs
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]77${compose_has_secure_store}
78 environment:
79 - CANONICAL_WEB_URL=${_GERRIT_CANON_URL_}
80 - LISTEN_URL=${_GERRIT_LISTEN_URL_}
Luigi Santivetti5ed1dae2020-10-31 11:14:37 +0000[diff] [blame]81 - HOOKS_REMOTE_ALIAS=${_GERRIT_HOOKS_REMOTE_NAME_}
Luigi Santivetti79506762020-10-21 20:56:00 +0000[diff] [blame]82 - HOOKS_REMOTE_RSAID=${_GERRIT_SSH_RSA_ID_F_}
Luigi Santivettiaf512c82020-10-31 10:53:12 +0000[diff] [blame]83 - HOOKS_REMOTE_HOST=${_OPENSSH_IP_}
84 - HOOKS_REMOTE_PATH=${_OPENSSH_MIRROR_CON_D_}
85 - HOOKS_REMOTE_PORT=${_OPENSSH_PORT_}
86 - HOOKS_REMOTE_USER=${_OPENSSH_GIT_USER_}
87 - HOOKS_GERRIT_HOST=${host_name}
88 - HOOKS_GERRIT_PORT=${_GERRIT_SSH_PORT_}
89 - HOOKS_DEPLOY_EXEC=${_OPENSSH_TOD_EXEC_}
Luigi Santivetti5ed1dae2020-10-31 11:14:37 +0000[diff] [blame]90 - HOOKS_LOG_DIR=${_GERRIT_HOOKS_LOG_CON_D_}
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]91 depends_on:
92 - ${_APACHE_DKRC_SERVICE_}
93 networks:
94 frontend:
95 ipv4_address: ${_GERRIT_DKRC_FRONTEND_IP_}
96 entrypoint: /bin/bash -c \"/${_GERRIT_DKRC_ENTRYPOINT_} \${GERRIT_ENTRYPOINT_ARGS}\"
97 ${_APACHE_DKRC_SERVICE_}:
98 environment:
99 - HOST_PEPPER=\${_PASSWD_APACHE_HASH_HMAC_PEPPER_}
100 - MYSQL_PASSWORD=\${_PASSWD_MYSQL_DB_PASSWORD_}
101 - MYSQL_USER=\${_PASSWD_MYSQL_DB_USERNAME_}
102 env_file:
103 - ${_COMPOSE_ENVIRONMENT_}
104 image: ${_APACHE_DKRC_IMAGE_}
105 build:
106 context: ${_APACHE_DKRC_CONTEXT_}
107 dockerfile: ${_APACHE_DKRC_DOCKERFILE_}
108 container_name: ${_APACHE_DKRC_CONTAINER_}
109 ports:
110 - \"${_COMPOSE_HOST_HTTP_PORT_}:${_APACHE_HTTP_PORT_}\"
111 - \"${_COMPOSE_HOST_HTTPS_PORT_}:${_APACHE_HTTPS_PORT_}\"
112 volumes:
113 - ${_APACHE_DKRC_PORTS_F_}:/etc/apache2/ports.conf:ro
114 - ${_APACHE_DKRC_CONF_F_}:/etc/apache2/apache2.conf:ro
115 - ${_APACHE_DKRC_AVAILABLE_D_}:/etc/apache2/sites-available:ro
116 - ${_APACHE_DKRC_ENABLED_D_}:/etc/apache2/sites-enabled:ro
117 - ${_MYSQL_ROOTFS_SSL_D_}:${_APACHE_CON_SSL_MYSQL_D_}:ro
118 - ${_APACHE_DKRC_CERT_L_}:${_APACHE_CON_SSL_D_}:ro
119 - ${_APACHE_EXT_AUTH_F_}:${_APACHE_CON_EXT_AUTH_F_}:ro
120 - ${_APACHE_DKRC_LOG_D_}:/var/log/apache2
121 - ${_APACHE_DKRC_WWW_D_}:/var/www
122${compose_has_mount_media}
123 depends_on:
124 - ${_MYSQL_DKRC_SERVICE_}
125 networks:
126 frontend:
127 ipv4_address: ${_APACHE_DKRC_FRONTEND_IP_}
128 backend:
129 ipv4_address: ${_APACHE_DKRC_BACKEND_IP_}
130 ${_MYSQL_DKRC_SERVICE_}:
131 environment:
132 - MYSQL_ROOT_PASSWORD=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_}
133 - MYSQL_PASSWORD=\${_PASSWD_MYSQL_DB_PASSWORD_}
134 - MYSQL_USER=\${_PASSWD_MYSQL_DB_USERNAME_}
135 env_file:
136 - ${_COMPOSE_ENVIRONMENT_}
137 image: ${_MYSQL_DKRC_IMAGE_}
138 build:
139 context: ${_MYSQL_DKRC_CONTEXT_}
140 dockerfile: ${_MYSQL_DKRC_DOCKERFILE_}
141 container_name: ${_MYSQL_DKRC_CONTAINER_}
142 restart: always
143 networks:
144 backend:
145 ipv4_address: ${_MYSQL_DKRC_BACKEND_IP_}
146 expose:
147 - \"${_MYSQL_DB_PORT_}\"
148 volumes:
149 - ${_MYSQL_ROOTFS_SSL_D_}:${_MYSQL_CON_SSL_D_}
150 - ${_MYSQL_INITDB_F_}:/docker-entrypoint-initdb.d/initdb.sql
151 - ${_MYSQL_MYCONF_F_}:/etc/mysql/my.cnf:ro
152 - ${_MYSQL_MYSQL_D_}:/var/lib/mysql
Luigi Santivettiaf512c82020-10-31 10:53:12 +0000[diff] [blame]153 - ${_MYSQL_LOG_D_}:${_MYSQL_CON_LOG_D_}
154 ${_OPENSSH_DKRC_SERVICE_}:
155 environment:
156 - PUID=${_OPENSSH_GIT_UID_}
157 - PGID=${_OPENSSH_GIT_GID_}
158 - TZ=Europe/London
159 - SUDO_ACCESS=true
160 - PASSWORD_ACCESS=false
161 - USER_NAME=${_OPENSSH_GIT_USER_}
162 - PUBLIC_KEY_FILE=${_OPENSSH_CLIENT_PUBKEY_}
163 image: ${_OPENSSH_DKRC_IMAGE_}
164 build:
165 context: ${_OPENSSH_DKRC_CONTEXT_}
166 dockerfile: ${_OPENSSH_DKRC_DOCKERFILE_}
167 container_name: ${_OPENSSH_DKRC_CONTAINER_}
168 restart: unless-stopped
169 networks:
170 frontend:
171 ipv4_address: ${_OPENSSH_IP_}
172 expose:
173 - ${_OPENSSH_PORT_}
174 volumes:
175 - ${_GERRIT_HOST_RSA_ID_F_}.pub:${_OPENSSH_CLIENT_PUBKEY_}
176 - ${_OPENSSH_MIRROR_D_}:${_OPENSSH_MIRROR_CON_D_}
177 - ${_OPENSSH_TOD_D_}:${_OPENSSH_TOD_CON_D_}
178 - ${_OPENSSH_LOG_D_}:/config/logs
179 - ${_APACHE_DKRC_WWW_D_}:/rootfs/var/www
180 - ${_GERRIT_DKRC_HOOKS_D_}:/rootfs/hooks
181 - ${_GERRIT_DKRC_ETC_D_}:/rootfs/etc
Luigi Santivettib77f7022020-11-08 01:04:55 +0000[diff] [blame^]182${compose_openssh_has_mount_media}
183 ${_LOGROTATE_DKRC_SERVICE_}:
184 environment:
185 - LOGROTATE_CRON=${_LOGROTATE_CRON_}
186 - LOGROTATE_CROND_LEVEL=${_LOGROTATE_CROND_LEVEL_}
187 image: ${_LOGROTATE_DKRC_IMAGE_}
188 build:
189 context: ${_LOGROTATE_DKRC_CONTEXT_}
190 dockerfile: ${_LOGROTATE_DKRC_DOCKERFILE_}
191 container_name: ${_LOGROTATE_DKRC_CONTAINER_}
192 volumes:
193 - ${_LOGROTATE_LOG_D_}:${_LOGROTATE_LOG_CON_D_}
194 - ${_LOGROTATE_CONF_F_}:${_LOGROTATE_CONF_CON_F_}:ro"
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]195
196declare -r environment_t="\
197MYSQL_DATABASE=${_MYSQL_DB_NAME_}
198MYSQL_HOSTNAME=${_MYSQL_DKRC_BACKEND_IP_}
199MYSQL_SSL_CAPATH=${_APACHE_CON_SSL_MYSQL_D_}
200MYSQL_SSL_CERT=${_APACHE_CON_SSL_MYSQL_CERT_F_}
201MYSQL_SSL_KEY=${_APACHE_CON_SSL_MYSQL_KEY_F_}
202MYSQL_SSL_CA=${_APACHE_CON_SSL_MYSQL_CA_F_}
203HOST_NAME=${_APACHE_SERVER_NAME_}"
204
205declare -r compose_cli_bang_t="\
206#!/bin/bash
207
208if (return 0 2>/dev/null); then
209 echo \"You must run this script\" >&2
210 return 1
211fi
212
213function __help
214{
215 cat <<EOF; exit 0
216`printf \"\\033[1m%s\\033[0m\\n\" \"NAME\"`
217
218 \${BASH_SOURCE[0]//.\//} - docker-compose CLI for ${host_name}
219
220`printf \"\\033[1m%s\\033[0m\\n\" \"USAGE\"`
221
222 \$ \${BASH_SOURCE[0]} [ OPTION ] [ ARGS ... ]
223
224`printf \"\\033[1m%s\\033[0m\\n\" \"ENVIRONMENT\"`
225
226 PASSWD_F path to file containing runtime credentials
227
228`printf \"\\033[1m%s\\033[0m\\n\" \"OPTION\"`
229
230 --start [init] start instance. If \\\`init\\\` is passed,
231 then do entrypoint.sh initialization steps
232 and run in the foreground not as a daemon
233 --stop stop instance
234 -pc|--prune-containers delete all services container
235 -pn|--prune-networks delete all services network
236 -ps|--prune-system delete all images, containers, cache,
237 networks and volumes
238 -bs|--build-services build all services and networks
239 -h|--help show this help
240
241`printf \"\\033[1m%s\\033[0m\\n\" \"END\"`
242EOF
243}
244
245function source_passwd_file
246{
247 if [ ! -f \"\${PASSWD_F}\" ]; then
248 echo \"error: PASSWD file not found\" >&2
249 exit 1
250 fi
251
252 if ! source \"\${PASSWD_F}\"; then
253 echo \"error: PASSWD file not sourced\" >&2
254 exit 1
255 fi
256}
257
258function __dkrc_start
259{
260 local -i error
261
262 source_passwd_file
263 pushd \"${instance_d}\" >/dev/null || exit 1
264
265 if sudo systemctl is-active --quiet service apache2.service; then
266 echo \"warning: shutting down apache2.service\" >&2
267 sudo systemctl stop apache2.service
268 fi
269
270 case \"\$1\" in
271 init )
272 GERRIT_ENTRYPOINT_ARGS=init \\
273 _PASSWD_APACHE_HASH_HMAC_PEPPER_=\${_PASSWD_APACHE_HASH_HMAC_PEPPER_} \\
274 _PASSWD_MYSQL_DB_USERNAME_=\${_PASSWD_MYSQL_DB_USERNAME_} \\
275 _PASSWD_MYSQL_DB_PASSWORD_=\${_PASSWD_MYSQL_DB_PASSWORD_} \\
276 _PASSWD_MYSQL_DB_PASSWORD_ROOT_=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_} \\
277 sudo -E docker-compose up ;;
278 * )
279 [ -z \"\$1\" ] || echo \"warning: input ignored: \$1\" >&2
280
281 _PASSWD_APACHE_HASH_HMAC_PEPPER_=\${_PASSWD_APACHE_HASH_HMAC_PEPPER_} \\
282 _PASSWD_MYSQL_DB_USERNAME_=\${_PASSWD_MYSQL_DB_USERNAME_} \\
283 _PASSWD_MYSQL_DB_PASSWORD_=\${_PASSWD_MYSQL_DB_PASSWORD_} \\
284 _PASSWD_MYSQL_DB_PASSWORD_ROOT_=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_} \\
285 sudo -E docker-compose up -d ;;
286 esac
287
288 error=\"\$?\"
289 popd >/dev/null
290
291 return \$error
292}
293
294function __dkrc_stop
295{
296 sudo docker stop \$(sudo docker ps -a -q)
297}
298
299function __dkrc_prune_containers
300{
301 sudo docker rm \$(sudo docker ps -a -q)
302}
303
304function __dkrc_prune_networks
305{
306 sudo docker network prune -f
307}
308
309function __dkrc_prune_system
310{
311 sudo docker system prune --all
312}
313
314function __dkrc_build_services
315{
316 local -i error
317
318 source_passwd_file
319 pushd \"${instance_d}\" >/dev/null || exit 1
320
321 _PASSWD_APACHE_HASH_HMAC_PEPPER_=\${_PASSWD_APACHE_HASH_HMAC_PEPPER_} \\
322 _PASSWD_MYSQL_DB_USERNAME_=\${_PASSWD_MYSQL_DB_USERNAME_} \\
323 _PASSWD_MYSQL_DB_PASSWORD_=\${_PASSWD_MYSQL_DB_PASSWORD_} \\
324 _PASSWD_MYSQL_DB_PASSWORD_ROOT_=\${_PASSWD_MYSQL_DB_PASSWORD_ROOT_} \\
325 sudo -E docker-compose build --force-rm --no-cache \$@
326 error=\"\$?\"
327 popd >/dev/null
328
329 return \$error
330}
331
332case \"\$1\" in
Luigi Santivetti1dbf2e72020-10-24 14:42:47 +0000[diff] [blame]333 --start ) __dkrc_start \"\$2\" ;;
334 --stop ) __dkrc_stop ;;
335 -pc|--prune-containers ) __dkrc_prune_containers ;;
336 -pn|--prune-networks ) __dkrc_prune_networks ;;
337 -ps|--prune-system ) __dkrc_prune_system ;;
338 -bs|--build-services ) __dkrc_build_services \"\${@:2}\" ;;
339 -h|--help ) __help ;;
Luigi Santivetti512fb232020-05-18 00:57:16 +0100[diff] [blame]340esac"