#!/usr/bin/env sh
# Log locations inside the container.
LOG_DIR=/modoh/log
LOG_FILE="${LOG_DIR}/doh-auth-proxy.log"
QUERY_LOG_FILE="${LOG_DIR}/query.log"

# logrotate defaults; setup_logrotate replaces them when LOGROTATE_SIZE or
# LOGROTATE_NUM is set in the environment.
LOG_SIZE=10M
LOG_NUM=10

# Feature switches taken from the environment; both default to "false".
LOGGING="${LOG_TO_FILE:-false}"
QUERY_LOGGING="${ENABLE_QUERY_LOG:-false}"

# Account the proxy is started as. HOST_USER, HOST_UID and HOST_GID come
# from the container environment and are later passed to the user-creation
# commands and to chown.
USER="${HOST_USER:-doh-auth-proxy}"
USER_ID="${HOST_UID:-900}"
GROUP_ID="${HOST_GID:-900}"
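#######################################
# Generate the logrotate configuration for the proxy log and the query log.
# Globals:
#   LOGROTATE_NUM, LOGROTATE_SIZE  (read)    optional overrides from the environment
#   LOG_NUM, LOG_SIZE              (written) replaced when an override is set
#   LOGGING, QUERY_LOGGING         (read)    "true" enables the matching rule file
#   LOG_FILE, QUERY_LOG_FILE, USER (read)    expanded into the rule files
# Outputs:
#   Overwrites /etc/logrotate.conf; writes /etc/logrotate.d/doh-auth-proxy.conf
#   and /etc/logrotate.d/query-log.conf when the matching log is enabled.
#######################################
setup_logrotate () {
  # Quoted -n tests: an override containing whitespace must not break `[`.
  if [ -n "${LOGROTATE_NUM:-}" ]; then
    LOG_NUM=${LOGROTATE_NUM}
  fi
  if [ -n "${LOGROTATE_SIZE:-}" ]; then
    LOG_SIZE=${LOGROTATE_SIZE}
  fi

  cat > /etc/logrotate.conf << EOF
# see "man logrotate" for details
# rotate log files weekly
weekly
# use the adm group by default, since this is the owning group
# of /var/log/syslog.
# su root adm
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
#dateext
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# system-specific logs may be also be configured here.
EOF

  # LOG_NUM, LOG_SIZE and USER are expanded verbatim into the rule files
  # below. They originate from container environment variables, so a
  # malformed value produces a malformed logrotate rule.

  # Compare the switch as a string. The value comes from the environment and
  # must never be executed as a command name.
  if [ "${LOGGING}" = "true" ]; then
    cat > /etc/logrotate.d/doh-auth-proxy.conf << EOF
${LOG_FILE} {
dateext
daily
missingok
rotate ${LOG_NUM}
notifempty
compress
delaycompress
dateformat -%Y-%m-%d-%s
size ${LOG_SIZE}
copytruncate
su ${USER} ${USER}
}
EOF
  fi

  if [ "${QUERY_LOGGING}" = "true" ]; then
    cat > /etc/logrotate.d/query-log.conf << EOF
${QUERY_LOG_FILE} {
dateext
daily
missingok
rotate ${LOG_NUM}
notifempty
compress
delaycompress
dateformat -%Y-%m-%d-%s
size ${LOG_SIZE}
copytruncate
su ${USER} ${USER}
}
EOF
  fi
}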
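#######################################
# Prepare an Ubuntu-based image: make sure the service account exists and,
# when any logging is enabled, configure logrotate plus a 15-minute cron run.
# Globals:
#   USER, USER_ID, GROUP_ID  (read)  account name and numeric ids
#   LOGGING, QUERY_LOGGING   (read)  "true" enables log rotation
# Outputs:
#   May create a group and a user, write under /etc/cron.15min, append to
#   /etc/crontab and start the cron service.
#######################################
setup_ubuntu () {
  # Decide on id's exit status. Testing its (multi-word) output inside `[`
  # only worked by accident and printed a test error when the user existed.
  if ! id "${USER}" > /dev/null 2>&1; then
    echo "doh-auth-proxy: Create user ${USER} with ${USER_ID}:${GROUP_ID}"
    groupadd -g "${GROUP_ID}" "${USER}"
    useradd -u "${USER_ID}" -g "${GROUP_ID}" "${USER}"
  fi

  # Compare the switches as strings. They come from the environment and
  # must never be executed as command names.
  if [ "${LOGGING}" = "true" ] || [ "${QUERY_LOGGING}" = "true" ]; then
    # Set up logrotate
    setup_logrotate

    # Run the stock logrotate cron script every 15 minutes.
    mkdir -p /etc/cron.15min/
    cp -p /etc/cron.daily/logrotate /etc/cron.15min/
    # Append the schedule only when it is not there yet, so running this
    # function again does not stack duplicate root cron entries.
    if ! grep -qF -- 'run-parts --report /etc/cron.15min' /etc/crontab 2> /dev/null; then
      echo "*/15 * * * * root cd / && run-parts --report /etc/cron.15min" >> /etc/crontab
    fi
    service cron start
  fi
}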
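#######################################
# Prepare an Alpine-based image: make sure the service account exists and,
# when any logging is enabled, configure logrotate plus a 15-minute cron run.
# Globals:
#   USER, USER_ID, GROUP_ID  (read)  account name and numeric ids
#   LOGGING, QUERY_LOGGING   (read)  "true" enables log rotation
# Outputs:
#   May create a group and a user, copy the logrotate job into
#   /etc/periodic/15min and start crond in the background.
#######################################
setup_alpine () {
  # Treat any failure of id as "user missing", not only exit status 1, and
  # test it directly so no other command can change $? in between.
  if ! id "${USER}" > /dev/null 2>&1; then
    echo "doh-auth-proxy: Create user ${USER} with ${USER_ID}:${GROUP_ID}"
    addgroup -g "${GROUP_ID}" "${USER}"
    adduser -H -D -u "${USER_ID}" -G "${USER}" "${USER}"
  fi

  # Compare the switches as strings. They come from the environment and
  # must never be executed as command names.
  if [ "${LOGGING}" = "true" ] || [ "${QUERY_LOGGING}" = "true" ]; then
    # Set up logrotate
    setup_logrotate

    # Run the stock logrotate job from the 15-minute periodic directory.
    cp -f /etc/periodic/daily/logrotate /etc/periodic/15min
    crond -b -l 8
  fi
}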
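#######################################
# Entry point: verify the container runs as root, prepare the service
# account for the detected base image, then drop privileges and start
# /modoh/run.sh as that account.
#######################################

# Root is needed to create the account and chown /modoh. A container started
# with `-u` cannot do either, so refuse early. The grouping matches the
# original test: not named root, OR (uid != 0 AND gid != 0).
if [ "$(whoami)" != "root" ] || { [ "$(id -u)" -ne 0 ] && [ "$(id -g)" -ne 0 ]; }; then
  echo "Do not execute 'docker run' or 'docker-compose up' with a specific user through '-u'."
  echo "If you want to run 'doh-auth-proxy' with a specific user, use HOST_USER, HOST_UID and HOST_GID environment variables."
  exit 1
fi

# Check gosu or su-exec, determine linux distribution, and set up user.
# The privilege-drop helper is kept in a variable instead of an alias, so it
# does not depend on alias expansion in a non-interactive shell.
if command -v gosu > /dev/null 2>&1; then
  # Ubuntu Linux
  RUN_AS=gosu
  setup_ubuntu
  LINUX="Ubuntu"
elif command -v su-exec > /dev/null 2>&1; then
  # Alpine Linux
  RUN_AS=su-exec
  setup_alpine
  LINUX="Alpine"
else
  echo "Unknown distribution!"
  exit 1
fi

# Check the given user and its uid:gid. Fail when EITHER id differs from the
# requested one (the original `-a` only failed when both differed), and fail
# closed when the account cannot be resolved at all.
actual_uid=$(id -u "${USER}" 2> /dev/null)
actual_gid=$(id -g "${USER}" 2> /dev/null)
if [ "${actual_uid}" != "${USER_ID}" ] || [ "${actual_gid}" != "${GROUP_ID}" ]; then
  echo "${USER} exists or was previously created. However, its uid and gid are inconsistent. Please recreate your container."
  exit 1
fi

# Change ownership according to the given user. The group must be GROUP_ID;
# the original passed USER_ID for both fields, which hands /modoh to an
# unrelated gid whenever HOST_UID and HOST_GID differ.
chown -R "${USER_ID}:${GROUP_ID}" /modoh

# run doh-auth-proxy
echo "Start with user: ${USER} (${USER_ID}:${GROUP_ID})"
if [ "${LOGGING}" = "true" ]; then
  echo "Start with writing log file"
  # LOG_FILE is a constant set at the top of this script, so expanding it
  # into the sh -c string does not carry environment data.
  # NOTE(review): tee opens the file without append mode while the logrotate
  # rule uses copytruncate; confirm whether `tee -a` is wanted here. The
  # pipeline also reports tee's exit status rather than run.sh's.
  "${RUN_AS}" "${USER}" sh -c "/modoh/run.sh 2>&1 | tee ${LOG_FILE}"
else
  echo "Start without writing log file"
  "${RUN_AS}" "${USER}" sh -c "/modoh/run.sh 2>&1"
fi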