From 816fa47cbb218744bef3f055beee858aab2a1e27 Mon Sep 17 00:00:00 2001 From: bunkerity Date: Fri, 12 Mar 2021 12:40:52 +0100 Subject: [PATCH] introducing SWARM_MODE env var --- confs/global/api.conf | 2 ++ entrypoint/defaults.sh | 1 + entrypoint/entrypoint.sh | 48 +++++++++++++++++++++++++------------ entrypoint/global-config.sh | 14 ++--------- entrypoint/logs.sh | 14 +++++++++++ lua/api.lua | 2 +- 6 files changed, 53 insertions(+), 28 deletions(-) create mode 100644 entrypoint/logs.sh diff --git a/confs/global/api.conf b/confs/global/api.conf index 2c5cdba..656e7ca 100644 --- a/confs/global/api.conf +++ b/confs/global/api.conf @@ -1,3 +1,5 @@ +set api_uri "%API_URI%"; + rewrite_by_lua_block { local api = require "api" diff --git a/entrypoint/defaults.sh b/entrypoint/defaults.sh index eb1336e..460c282 100644 --- a/entrypoint/defaults.sh +++ b/entrypoint/defaults.sh @@ -128,3 +128,4 @@ ANTIBOT_SESSION_SECRET="${ANTIBOT_SESSION_SECRET-random}" USE_CROWDSEC="${USE_CROWDSEC-no}" USE_API="${USE_API-no}" API_URI="${API_URI-random}" +SWARM_MODE="${SWARM_MODE-no}" diff --git a/entrypoint/entrypoint.sh b/entrypoint/entrypoint.sh index bc950d1..0798caa 100644 --- a/entrypoint/entrypoint.sh +++ b/entrypoint/entrypoint.sh @@ -31,7 +31,7 @@ trap "trap_exit" TERM INT QUIT # trap SIGHUP function trap_reload() { echo "[*] Catched reload operation" - if [ "$MULTISITE" = "yes" ] ; then + if [ "$MULTISITE" = "yes" ] && [ "$SWARM_MODE" != "yes" ] ; then /opt/entrypoint/multisite-config.sh fi if [ -f /tmp/nginx.pid ] ; then @@ -50,17 +50,28 @@ trap "trap_reload" HUP # do the configuration magic if needed if [ ! -f "/opt/installed" ] ; then + echo "[*] Configuring bunkerized-nginx ..." - /opt/entrypoint/global-config.sh - if [ "$MULTISITE" = "yes" ] ; then - for server in $SERVER_NAME ; do - /opt/entrypoint/site-config.sh "$server" - echo "[*] Multi site - $server configuration done" - done - /opt/entrypoint/multisite-config.sh - else - /opt/entrypoint/site-config.sh - echo "[*] Single site - $SERVER_NAME configuration done" + + # logs config + /opt/entrypoint/logs.sh + + # only do config if we are not in swarm mode + if [ "$SWARM_MODE" = "no" ] ; then + # global config + /opt/entrypoint/global-config.sh + # multisite configs + if [ "$MULTISITE" = "yes" ] ; then + for server in $SERVER_NAME ; do + /opt/entrypoint/site-config.sh "$server" + echo "[*] Multi site - $server configuration done" + done + /opt/entrypoint/multisite-config.sh + # singlesite config + else + /opt/entrypoint/site-config.sh + echo "[*] Single site - $SERVER_NAME configuration done" + fi fi touch /opt/installed else @@ -78,16 +89,23 @@ rsyslogd # start crond crond -# start nginx +# wait until config has been generated if we are in swarm mode +if [ "$SWARM_MODE" != "yes" ] ; then + echo "[*] Waiting until config has been generated ..." + while [ ! -f "/etc/nginx/autoconf" ] ; do + sleep 1 + done +fi + if [ -f "/tmp/nginx-temp.pid" ] ; then nginx -c /etc/nginx/nginx-temp.conf -s quit fi echo "[*] Running nginx ..." su -s "/usr/sbin/nginx" nginx if [ "$?" -eq 0 ] ; then - touch "/opt/running" + echo "[*] nginx successfully started !" else - rm -f "/opt/running" 2> /dev/null + echo "[!] nginx failed to start" fi # list of log files to display @@ -114,7 +132,7 @@ fi # display logs tail -F $LOGS & pid="$!" -while [ -f "/opt/running" ] ; do +while [ -f "/tmp/nginx.pid" ] ; do wait "$pid" done diff --git a/entrypoint/global-config.sh b/entrypoint/global-config.sh index af452ac..22996e7 100644 --- a/entrypoint/global-config.sh +++ b/entrypoint/global-config.sh @@ -7,8 +7,6 @@ . /opt/entrypoint/utils.sh # copy stub confs -cp /opt/logs/rsyslog.conf /etc/rsyslog.conf -cp /opt/logs/logrotate.conf /etc/logrotate.conf cp -r /opt/lua/* /usr/local/lib/lua cp /opt/confs/global/* /etc/nginx/ @@ -310,17 +308,9 @@ if [ "$USE_API" = "yes" ] ; then replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" "include /etc/nginx/api.conf;" if [ "$API_URI" = "random" ] ; then API_URI="/$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)" + echo "[*] Generated API URI : $API_URI" fi - replace_in_file "/usr/local/lib/lua/api.lua" "%API_URI%" "$API_URI" + replace_in_file "/etc/nginx/api.conf" "%API_URI%" "$API_URI" else replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" "" fi - -# create empty logs -touch /var/log/access.log -touch /var/log/error.log - -# setup logrotate -replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MAXAGE%" "$LOGROTATE_MAXAGE" -replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MINSIZE%" "$LOGROTATE_MINSIZE" -echo "$LOGROTATE_CRON /opt/scripts/logrotate.sh > /dev/null 2>&1" >> /etc/crontabs/root diff --git a/entrypoint/logs.sh b/entrypoint/logs.sh new file mode 100644 index 0000000..04e292f --- /dev/null +++ b/entrypoint/logs.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +cp /opt/logs/rsyslog.conf /etc/rsyslog.conf +cp /opt/logs/logrotate.conf /etc/logrotate.conf + +# create empty logs +touch /var/log/access.log +touch /var/log/error.log +touch /var/log/jobs.log + +# setup logrotate +replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MAXAGE%" "$LOGROTATE_MAXAGE" +replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MINSIZE%" "$LOGROTATE_MINSIZE" +echo "$LOGROTATE_CRON /opt/scripts/logrotate.sh > /dev/null 2>&1" >> /etc/crontabs/root diff --git a/lua/api.lua b/lua/api.lua index 60afad5..0bcdae9 100644 --- a/lua/api.lua +++ b/lua/api.lua @@ -1,5 +1,5 @@ local M = {} -local api_uri = "%API_URI%" +local api_uri = ngx.var.api_uri local api_list = {} api_list["^/reload$"] = function ()