Bash API changes and Gitea+PostgreSQL fixes

2024-11-22 08:04:20 +01:00 · 2021-01-20 16:58:44 +01:00 · 2021-01-20 16:58:44 +01:00 · af83dbf7c4
parent 81a5a58dba
commit af83dbf7c4
3 changed files with 137 additions and 48 deletions
--- a/docker/bash-lib/main.bash
+++ b/docker/bash-lib/main.bash
@ -10,6 +10,80 @@ save_env() {
    done
 }

+make_opt() {
+    local name="$1"
+
+    echo "_${name,,}"
+}
+
+## Args
+# - var - variable name, for example PG_DATA
+# - default - default value
+default_opt() {
+    local var="$1"
+    local default="$2"
+
+    local parsed="$(make_opt $var)"
+    local result="${!var:-$default}"
+    eval "$parsed=\"$result\""
+}
+
+## Args
+# - var - variable name, for example PG_DATA
+# - error - error message
+required_opt() {
+    local var="$1"
+    local error="$2"
+
+    if [[ ! -z "${!var:-}" ]] ; then
+	local parsed="$(make_opt $var)"
+	eval "$parsed=\"\$$var\""
+    else
+	echo_exit "$error"
+    fi
+}
+
+## Args
+# - path - path to the inode to check
+# - uid - desired uid
+# - gid - desired gid
+check_owner() {
+    local path="$1"
+    local desired_uid="$2"
+    local desired_gid="$3"
+
+    uid=$($_prog_busybox/bin/stat -c '%u' $path || \
+	      echo_exit "Failed to get uid of $path")
+    gid=$($_prog_busybox/bin/stat -c '%g' $path || \
+	      echo_exit "Failed to get gid of $path")
+
+    [[ $uid == $desired_uid ]] && [[ $gid == $desired_gid ]] || \
+	echo_exit "Invalid owner for \`$path\`, has $uid:$gid wanted $desired_uid:$desired_gid"
+
+}
+
+## Args
+# - path - path to the directory to create
+# - uid - desired uid
+# - gid - desired gid
+mkdir_chown() {
+    path="$1"
+    uid="$2"
+    gid="$3"
+
+    [[ ! -f "$path" ]] \
+	&& $_prog_busybox/bin/mkdir -p "$path" && $_prog_busybox/bin/chown "$uid:$gid" "$path"
+}
+
+## Args
+# - uid - currently set uid
+check_root() {
+    local uid="$1"
+
+    [[ "$uid" = "0" ]] \
+	&& echo_exit "UID is set to $uid, which would cause an infinite loop!"
+}
+
 ## Args
 # - message - message to exit with
 echo_exit() {
--- a/docker/gitea/init
+++ b/docker/gitea/init
@ -11,7 +11,8 @@ if [[ $($_prog_busybox/bin/id -u) = 0 ]] ; then
 ##
 ## USER_UID ? $_conf_user_uid - default user id
 ## USER_GID ? $_conf_user_gid - default group id
-## APP_INI - app.ini file location for Gitea, will not overwrite existing config!
+## [ APP_INI ] - app.ini file location for Gitea
+## APP_INI_OVERWRITE - whether an existing app.ini shall be overwritten, anything else than "" means \`true\`!
 ## for other options please look at https://docs.gitea.io/en-us/install-with-docker/#environment-variables

 ### Recommended volumes (many directories which exist in normal Docker containers, do not exist in this one)
@ -20,15 +21,19 @@ if [[ $($_prog_busybox/bin/id -u) = 0 ]] ; then

 EOF

-    _user_uid="${USER_UID:-$_conf_user_uid}"
-    _user_gid="${USER_GID:-$_conf_user_gid}"
-    _app_ini="${APP_INIT:-}"
+    default_opt USER_UID "$_conf_user_uid"
+    default_opt USER_GID "$_conf_user_gid"
+    default_opt APP_INI ""
+    _app_ini_overwrite=$([[ ! -z "${APP_INI_OVERWRITE:-}" ]] && printf true || printf false)

    $_prog_busybox/bin/cat << EOF
 ### Starting with options:
 ## USER_UID = "$_user_uid"
 ## USER_GID = "$_user_gid"
+## APP_INI = "$_app_ini"
+## APP_INI_OVERWRITE = "$_app_ini_overwrite"
 EOF
+    $_prog_busybox/bin/env

    (
 	set -e
@ -36,44 +41,47 @@ EOF
 	echo "gitea:x:$_user_gid:" > /etc/group
    ) || echo_exit "Failed to create user and group!"

-    $_prog_busybox/bin/mkdir -p $_conf_data /tmp
+    mkdir_chown $_conf_data "$_user_uid" "$_user_gid"
+    mkdir_chown /tmp "$_user_uid" "$_user_gid"

-    data_uid=$($_prog_busybox/bin/stat -c '%u' $_conf_data || \
-		   echo_exit "Failed to get uid of $_conf_data")
-    data_gid=$($_prog_busybox/bin/stat -c '%g' $_conf_data || \
-		   echo_exit "Failed to get gid of $_conf_data")
-    if [[ $data_uid != $_user_uid ]] || [[ $data_gid != $_user_gid ]] ; then
-	$_prog_busybox/bin/chown gitea:gitea $_conf_data /tmp || \
-	    echo_exit "Failed to chown $_conf_data! (uid: $data_uid, gid: $data_gid)"
-    fi
-
-    if [[ ! -z "$_app_ini" ]] ; then
-	if [[ -f "$_app_ini" ]] ; then
-	    if [[ ! -f "$_conf_data/app.ini" ]] ; then
-		cp "$_app_ini" "$_conf_data/app.ini"
-	    else
-		echo_exit "APP_INI set, but $_conf_data/app.ini exists!"
-	    fi
-	else
-	    echo_exit "APP_INI set, but $_app_ini does not exist!"
-	fi
-    fi
-    
+    check_owner "$_conf_data" "$_user_uid" "$_user_gid" 

    save_env "_user_uid \
 	      _user_gid \
 	      _conf_data \
-	      _prog_gitea" > /env # TODO: exited even though it must have succeded || \
+	      _prog_gitea \
+	      _app_ini \
+	      _app_ini_overwrite \
+	      " > /env # TODO: exited even though it must have succeded || \
 	# echo_exit "Failed to save environment!"
    
-    [[ "$_user_uid" = "0" ]] \
-	&& echo_exit "UID is set to $_user_uid, which would cause an infinite loop!"
+    check_root "$_user_uid"
    exec $_prog_busybox/bin/su gitea -c "$0 $@" || \
 	echo_exit "Failed to switch user!"
 else
    source /env || \
 	echo_exit "Failed to source env!"

+    if [[ ! -z "$_app_ini" ]] ; then
+	if [[ -f "$_app_ini" ]] ; then
+	    if [[ ! -f "$_conf_data/app.ini" ]] ; then
+		$_prog_busybox/bin/cp "$_app_ini" "$_conf_data/app.ini" || \
+		    echo_exit "Failed to copy app.ini!"
+	    else
+		if [[ "$_app_ini_overwrite" = "true" ]] ; then
+		    $_prog_busybox/bin/cp "$_app_ini" "$_conf_data/app.ini" || \
+			echo_exit "Failed to copy app.ini!"
+		elif [[ "$_app_ini_overwrite" = "false" ]] ; then
+		    echo_exit "APP_INI set, but $_conf_data/app.ini exists!"
+		else
+		    echo_exit "\$_api_ini_overwrite has invalid value $_api_init_overwrite, this is an internal issue, please report ASAP!"
+		fi
+	    fi
+	else
+	    echo_exit "APP_INI set, but $_app_ini does not exist!"
+	fi
+    fi
+
    export GITEA_WORK_DIR=$_conf_data

    echo
--- a/docker/postgresql/init
+++ b/docker/postgresql/init
@ -17,7 +17,9 @@ if [[ $(${_prog_busybox}/bin/id -u) = 0 ]] ; then
 ## INITDB_ARGS ? "" - passed to \`initdb\`
 ## [ INITDB_WALDIR ] ? $_conf_waldir - write-ahead log directory
 ## HOST_AUTH_METHOD ? $_conf_host_auth_method - password authentication method
-## [ PG_HBA ] - overrides the creation of pg_hba.conf
+## [ PG_HBA ] - overrides the creation of pg_hba.conf, if not set a default one is created
+## [ POSTGRES_CONF ] - postgres.conf file location for PostgreSQL 
+## [ POSTGRES_CONF_OVERWRITE ] - 
 ## PGDATA ? $_conf_data - PostgreSQL data folder

 ### Recommended volumes (many directories which exist in normal Docker containers, do not exist in this one)
@ -65,15 +67,15 @@ EOF

    ${_prog_busybox}/bin/cat << EOF
 ## Starting with options:
-## POSTGRES_UID = "$_user_uid"
-## POSTGRES_GID = "$_user_gid"
-## POSTGRES_USER = "$_conf_user"
-## POSTGRES_PASSWORD = <REDACTED>
-## POSTGRES_DB = "$_database"
+## USER_UID = "$_user_uid"
+## USER_GID = "$_user_gid"
+## USER = "$_conf_user"
+## PASSWORD = <REDACTED>
+## DATABASE = "$_database"
 ## NO_CREATE_DB = "$([[ ! -z "$_no_create_db" ]] && echo true || echo false)"
-## POSTGRES_INITDB_ARGS = "$_initdb_args"
-## POSTGRES_INITDB_WALDIR = "$([[ ! -z "$_initdb_waldir" ]] && echo $_initdb_waldir || echo null)"
-## POSTGRES_HOST_AUTH_METHOD = "$_host_auth_method"
+## INITDB_ARGS = "$_initdb_args"
+## INITDB_WALDIR = "$([[ ! -z "$_initdb_waldir" ]] && echo $_initdb_waldir || echo null)"
+## HOST_AUTH_METHOD = "$_host_auth_method"
 ## PG_HBA = "$([[ ! -z "$_pg_hba" ]] && echo $_pg_hba || echo null)"
 ## PGDATA="$_pgdata"
 EOF
@ -90,9 +92,9 @@ EOF
 	) || \
 	    echo_exit "Failed to create PGDATA!"
    else
-	_pgdata_uid=$(${_prog_busybox}/bin/stat -c "%U" "$_pgdata" || \
+	_pgdata_uid=$(${_prog_busybox}/bin/stat -c "%u" "$_pgdata" || \
 		   echo_exit "Failed to get uid of PGDATA!")
-	_pgdata_gid=$(${_prog_busybox}/bin/stat -c "%G" "$_pgdata" || \
+	_pgdata_gid=$(${_prog_busybox}/bin/stat -c "%g" "$_pgdata" || \
 		   echo_exit "Failed to get gid of PGDATA!")
 	
 	if [[ $_pgdata_uid != $_user_uid ]] || [[ $_pgdata_gid != $_user_gid ]] ; then
@ -186,6 +188,9 @@ else
 	if [ -n "$_database" ]; then
 	    query_runner+=( --dbname "$_database" )
 	fi
+	if [[ "$_host_auth_method" = "scram-sha-256" ]] ; then
+	    query_runner+=( --auth-host=scram-sha-256 )
+	fi
 	
 	"${query_runner[@]}" "$@"
    }
@ -195,7 +200,7 @@ else
    setup_db() {
 	local dbAlreadyExists
 	dbAlreadyExists="$(
-POSTGRES_DB= process_sql --dbname postgres --set db="$_database" --tuples-only <<-'EOSQL'
+POSTGRES_DB= process_sql --dbname "$_database" --set db="$_database" --tuples-only <<-'EOSQL'
  SELECT 1 FROM pg_database WHERE datname = :'db' ;
 EOSQL
 	  )"
@ -222,14 +227,16 @@ EOSQL

 	temp_server_stop
 	unset PGPASSWORD
-    fi

-    if [[ -z "$_pg_hba" ]] ; then
-	echo "host all all all $_host_auth_method" >> "$_pgdata/pg_hba.conf"
-    else
-	cp "$_pg_hba" "$_pgdata/pg_hba.conf"
+	if [[ -z "$_pg_hba" ]] ; then
+	    echo "host all all all $_host_auth_method" >> "$_pgdata/pg_hba.conf"
+	else
+	    cp "$_pg_hba" "$_pgdata/pg_hba.conf"
+	fi
    fi
    
-    echo "\nStarting PostgreSQL"
-    exec $_prog_postgres/bin/postgres -D "$_pgdata"
+    echo
+    echo "Starting PostgreSQL"
+    export PGDATA="$_pgdata"
+    exec $_prog_postgres/bin/postgres
 fi