From 77fca13edfc0b27dde3509bda31525c79b763d4f Mon Sep 17 00:00:00 2001 From: winkidney Date: Thu, 19 Dec 2019 16:10:14 +0800 Subject: [PATCH] Reafactor: Docker auto-build should be a out-of-the-box image without any extra config --- Dockerfile.autobuild | 33 +++++++------------ docker/bootstrap.sh | 51 ------------------------------ docker/nginx/sites-enabled/default | 10 ++---- docker/pinry/.gitignore | 2 -- docker/scripts/bootstrap.sh | 29 +++++++++++++++++ docker/scripts/gen_key.sh | 22 +++++++------ docker/scripts/start.sh | 8 ++--- 7 files changed, 59 insertions(+), 96 deletions(-) delete mode 100755 docker/bootstrap.sh delete mode 100644 docker/pinry/.gitignore create mode 100755 docker/scripts/bootstrap.sh diff --git a/Dockerfile.autobuild b/Dockerfile.autobuild index 625f867..1b35896 100644 --- a/Dockerfile.autobuild +++ b/Dockerfile.autobuild @@ -10,7 +10,6 @@ # Require: Docker (http://www.docker.io/) # ----------------------------------------------------------------------------- - # Base system is the LTS version of Ubuntu. FROM python:3.7-stretch @@ -20,28 +19,26 @@ RUN groupadd -g 2300 tmpgroup \ && groupadd -g 1000 www-data \ && usermod -g www-data www-data \ && usermod -u 1000 www-data \ - && groupdel tmpgroup \ -# - && mkdir -p /srv/www/pinry/logs \ -# - && mkdir /data \ - && chown -R www-data:www-data /data \ -# - && mkdir -p /var/log/gunicorn \ - && apt-get update \ + && groupdel tmpgroup + +RUN mkdir /data +RUN mkdir -p /data/logs +RUN chown -R www-data:www-data /data + +RUN apt-get update \ && apt-get -y install nginx nginx-extras pwgen \ - && rm -rf /var/lib/apt/lists/* + && rm -rf /var/lib/apt/lists/* \ + && apt-get autoclean RUN pip --no-cache-dir install pipenv gunicorn mysqlclient psycopg2 cx-Oracle -COPY Pipfile* /srv/www/pinry/ +# COPY and start installation +COPY . /srv/www/pinry/ RUN cd /srv/www/pinry \ && pipenv install --three --system --clear -COPY . /srv/www/pinry/ - -# config nodejs and build frontend +# config nodejs RUN curl -L https://raw.githubusercontent.com/tj/n/master/bin/n -o n || exit RUN bash n 10 RUN npm -g install yarn @@ -49,12 +46,6 @@ RUN npm -g install yarn # build frontend RUN cd /srv/www/pinry/pinry-spa/ && yarn install && yarn build -# Fix permissions -RUN chown -R www-data:www-data /srv/www \ - && cd /srv/www/pinry \ - && python manage.py collectstatic --noinput --settings=pinry.settings.docker - - # Load in all of our config files. ADD docker/nginx/nginx.conf /etc/nginx/nginx.conf ADD docker/nginx/sites-enabled/default /etc/nginx/sites-enabled/default diff --git a/docker/bootstrap.sh b/docker/bootstrap.sh deleted file mode 100755 index 62d5c84..0000000 --- a/docker/bootstrap.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -script_dir="$( dirname "${0}" )" -# Force users to login before seeing any pins. -if [ "${ALLOW_NEW_REGISTRATIONS}" = "" ]; then - ALLOW_NEW_REGISTRATIONS=true -fi - -if [[ "$(docker images -q pinry/pinry 2> /dev/null)" == "" ]]; then - echo "No docker image found, building..." && "${script_dir}/build_docker.sh" -fi - -echo "==================================================================================" -echo "Note: Please copy this key and keep it in a secure place." -echo "Then you should manually edit your pinry/local_settings.py" -echo "and replace SECRET_KEY with new secret-key if you had previously generated a" -echo "pinry/local_settings.py." -echo "If no previous pinry/local_settings.py generated, you can have a look and edit it." -echo "If you want to use docker-compose, just edit docker-compose.yml and use 'docker-compose up'" - -SECRET_KEY=$(sudo docker run pinry/pinry /scripts/gen_key.sh) - -echo "" -echo "Your secret-key is(also saved/overwritten your docker's /data/production_secret_key.txt):" -echo "" -echo ${SECRET_KEY} -echo "==================================================================================" - -local_settings_file="${script_dir}/pinry/local_settings.py" -# Create local_settings.py -if [ ! -f "${local_settings_file}" ]; -then - cp "${script_dir}/pinry/local_settings.example.py" "${local_settings_file}" - sed -i "s/secret\_key\_place\_holder/${SECRET_KEY}/" "${local_settings_file}" - - # Force users to login before seeing any pins. - if [ "${PRIVATE}" = "true" ]; then - sed -i "s/PUBLIC = True/PUBLIC = False/" "${local_settings_file}" - fi - - # Enable people from creating new accounts. - if [ "${ALLOW_NEW_REGISTRATIONS}" = "true" ]; then - sed -i "s/ALLOW_NEW_REGISTRATIONS = False/ALLOW_NEW_REGISTRATIONS = True/" "${local_settings_file}" - fi -fi - -# Copy to docker-compose.yml -if [ ! -f "${script_dir}/docker-compose.yml" ]; -then - cp "${script_dir}/docker-compose.example.yml" "${script_dir}/docker-compose.yml" -fi diff --git a/docker/nginx/sites-enabled/default b/docker/nginx/sites-enabled/default index a098d16..904bcd6 100644 --- a/docker/nginx/sites-enabled/default +++ b/docker/nginx/sites-enabled/default @@ -2,14 +2,10 @@ server { listen 80 default; server_name _; - access_log /srv/www/pinry/logs/access.log; - error_log /srv/www/pinry/logs/error.log; + access_log /data/logs/access.log; + error_log /data/logs/error.log; - location /media { - alias /data/static/media; - expires max; - access_log off; - } + root /srv/www/pinry/pinry-spa/dist/; location /static { alias /data/static; diff --git a/docker/pinry/.gitignore b/docker/pinry/.gitignore deleted file mode 100644 index 49ce140..0000000 --- a/docker/pinry/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -local_settings.py -production_secret_key.txt \ No newline at end of file diff --git a/docker/scripts/bootstrap.sh b/docker/scripts/bootstrap.sh new file mode 100755 index 0000000..12302cc --- /dev/null +++ b/docker/scripts/bootstrap.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +gen_key() { + echo "==================================================================================" + echo "Note: Please copy this key and keep it in a secure place." + echo "Then you should manually edit your pinry/local_settings.py" + echo "and replace SECRET_KEY with new secret-key if you had previously generated a" + echo "pinry/local_settings.py." + echo "If no previous pinry/local_settings.py generated, you can have a look and edit it." + echo "If you want to use docker-compose, just edit docker-compose.yml and use 'docker-compose up'" + + SECRET_KEY=$(bash /scripts/gen_key.sh) + + echo "" + echo "Your secret-key is(also saved/overwritten your docker's /data/production_secret_key.txt):" + echo "" + echo ${SECRET_KEY} + echo "==================================================================================" +} + +local_settings_file="/data/local_settings.py" +# Create local_settings.py +if [ ! -f "${local_settings_file}" ]; +then + cp "/srv/www/pinry/settings/local_settings.example.py" "${local_settings_file}" + gen_key + sed -i "s/secret\_key\_place\_holder/${SECRET_KEY}/" "${local_settings_file}" + ln -s "${local_settings_file}" "/srv/www/pinry/settings/local_settings.py" +fi diff --git a/docker/scripts/gen_key.sh b/docker/scripts/gen_key.sh index ddc28e0..46392f7 100755 --- a/docker/scripts/gen_key.sh +++ b/docker/scripts/gen_key.sh @@ -1,13 +1,15 @@ #!/bin/bash -# Check for secret key if one doesn't exist create. -if [ ! -f /data/production_secret_key.txt ] -then - cd /data - PRODUCTION_SECRET_KEY=`pwgen -c -n -1 65` - echo $PRODUCTION_SECRET_KEY > /data/production_secret_key.txt -else - PRODUCTION_SECRET_KEY=`cat /data/production_secret_key.txt` -fi +gen_key() { + # Check for secret key if one doesn't exist create. + if [ ! -f /data/production_secret_key.txt ] + then + cd /data + PRODUCTION_SECRET_KEY=`pwgen -c -n -1 65` + echo $PRODUCTION_SECRET_KEY > /data/production_secret_key.txt + else + PRODUCTION_SECRET_KEY=`cat /data/production_secret_key.txt` + fi -echo ${PRODUCTION_SECRET_KEY} + echo ${PRODUCTION_SECRET_KEY} +} diff --git a/docker/scripts/start.sh b/docker/scripts/start.sh index 68251c9..c704668 100755 --- a/docker/scripts/start.sh +++ b/docker/scripts/start.sh @@ -9,13 +9,11 @@ # Updated: Aug 19th, 2014 # ----------------------------------------------------------------------------- +bash /scripts/bootstrap.sh # If static files don't exist collect them -if [ ! -d /data/static ] -then - cd /srv/www/pinry - python manage.py collectstatic --noinput -fi +cd /srv/www/pinry +python manage.py collectstatic --noinput # If database doesn't exist yet create it if [ ! -f /data/production.db ]