From ac16053eaddccffc6136e0bd668a9ddfb99738ec Mon Sep 17 00:00:00 2001 From: crupest Date: Mon, 31 Oct 2022 20:14:32 +0800 Subject: ... --- docker/arch-code-server/Dockerfile | 25 ++++++++++ docker/arch-code-server/archlinux-setup-user.bash | 24 +++++++++ docker/arch-code-server/archlinux-setup.bash | 61 +++++++++++++++++++++++ docker/arch-code-server/restore-pacman-conf.py | 47 +++++++++++++++++ docker/code-server/Dockerfile | 25 ---------- docker/code-server/archlinux-setup-user.bash | 24 --------- docker/code-server/archlinux-setup.bash | 61 ----------------------- docker/code-server/restore-pacman-conf.py | 47 ----------------- template/Caddyfile.template | 2 +- template/docker-compose.yaml.template | 8 +-- template/generate.py | 5 +- tool/.gitignore | 1 + tool/download.py | 27 ++++++++++ 13 files changed, 194 insertions(+), 163 deletions(-) create mode 100644 docker/arch-code-server/Dockerfile create mode 100755 docker/arch-code-server/archlinux-setup-user.bash create mode 100755 docker/arch-code-server/archlinux-setup.bash create mode 100755 docker/arch-code-server/restore-pacman-conf.py delete mode 100644 docker/code-server/Dockerfile delete mode 100755 docker/code-server/archlinux-setup-user.bash delete mode 100755 docker/code-server/archlinux-setup.bash delete mode 100755 docker/code-server/restore-pacman-conf.py create mode 100644 tool/.gitignore create mode 100755 tool/download.py diff --git a/docker/arch-code-server/Dockerfile b/docker/arch-code-server/Dockerfile new file mode 100644 index 0000000..180cb7e --- /dev/null +++ b/docker/arch-code-server/Dockerfile @@ -0,0 +1,25 @@ +FROM archlinux:latest + +ARG CRUPEST_USER +ARG CRUPEST_GROUP +ARG CRUPEST_UID=1000 +ARG CRUPEST_GID=1000 +ARG CRUPEST_PACKAGES="" +ARG CRUPEST_AUR_PACKAGES="" +ARG USE_CHINA_MIRROR="false" +ARG CHINA_MIRROR_URL="https://mirrors.tuna.tsinghua.edu.cn/archlinux/\$repo/os/\$arch" + +ADD ./archlinux-setup.bash ./archlinux-setup-user.bash ./restore-pacman-conf.py /tmp/ + +ENV CRUPEST_IN_DOCKER="true" +WORKDIR /tmp +RUN /tmp/archlinux-setup.bash +USER ${CRUPEST_UID}:${CRUPEST_GID} +WORKDIR /home/${CRUPEST_USER} +RUN /tmp/archlinux-setup-user.bash + +VOLUME [ "/data" ] +EXPOSE 8080 + +ENV CODE_SERVER_CONFIG="/data/code-server-config.yaml" +ENTRYPOINT [ "code-sever", "--bind-addr", "0.0.0.0:8080" ] diff --git a/docker/arch-code-server/archlinux-setup-user.bash b/docker/arch-code-server/archlinux-setup-user.bash new file mode 100755 index 0000000..2b39bd2 --- /dev/null +++ b/docker/arch-code-server/archlinux-setup-user.bash @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# check if we are in docker by CRUPEST_IN_DOCKER +if [ "${CRUPEST_IN_DOCKER}" != "true" ]; then + echo "This script is intended to be run in a docker container." + exit 1 +fi + +cd ~ || exit 1 + +mkdir data + +mkdir aur +cd aur || exit 1 + +# install all aur packages +for aur_package in ${CRUPEST_AUR_PACKAGES} ; do + echo "Installing ${aur_package} from AUR..." + git clone "https://aur.archlinux.org/${aur_package}.git" --depth 1 + pushd "${aur_package}" || exit 1 + makepkg -sr --noconfirm + makepkg --packagelist | sudo pacman -U --noconfirm - + popd || exit 1 +done diff --git a/docker/arch-code-server/archlinux-setup.bash b/docker/arch-code-server/archlinux-setup.bash new file mode 100755 index 0000000..c926384 --- /dev/null +++ b/docker/arch-code-server/archlinux-setup.bash @@ -0,0 +1,61 @@ +#!/usr/bin/env bash + +# check if we are in docker by CRUPEST_IN_DOCKER +if [ "${CRUPEST_IN_DOCKER}" != "true" ]; then + echo "This script is intended to be run in a docker container." + exit 1 +fi + +# check if we are root +if [ "$(id -u)" != "0" ]; then + echo "This script must be run as root." + exit 1 +fi + +# CRUPEST_USER, CRUPEST_UID, CRUPEST_GID must be defined +if [ -z "$CRUPEST_USER" ] || [ -z "$CRUPEST_UID" ] || [ -z "$CRUPEST_GID" ]; then + echo "CRUPEST_USER, CRUPEST_UID, CRUPEST_GID must be defined." + exit 1 +fi + +# if we are in China (by checking USE_CHINA_MIRROR), use the mirror in China +if [ "$USE_CHINA_MIRROR" = "true" ]; then + echo "You have set USE_CHINA_MIRROR to true, using mirror ${CHINA_MIRROR_URL} (set by CHINA_MIRROR_URL) in China." + echo "Server = ${CHINA_MIRROR_URL}" > /etc/pacman.d/mirrorlist +fi + +# from now on, we don't allow error +set -e + +# Update the system and I need python3 +pacman -Syu --noconfirm python + +# execute the restore pacman config script +python3 ./restore-pacman-conf.py + +# reinstall all installed packages +pacman -Qnq | pacman -S --noconfirm --overwrite=* - + +# install new packages +echo "base-devel git ${CRUPEST_PACKAGES}" | tr " " "\n" | pacman -S --noconfirm --needed - + +# if GROUP not defined, set it the same to USER +if [ -z "$CRUPEST_GROUP" ]; then + CRUPEST_GROUP="$CRUPEST_USER" +fi + +# check if GROUP exists. if not create it with GID +if ! grep -q "^${CRUPEST_GROUP}:" /etc/group; then + groupadd -g "$CRUPEST_GID" "$CRUPEST_GROUP" +fi + +# create user for UID and GID +useradd -m -u "${CRUPEST_UID}" -g "${CRUPEST_GID}" "${CRUPEST_USER}" + +# add the user to sudo +echo "${CRUPEST_USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers + +# create data directory and change the permission +mkdir -p /data +chown "${CRUPEST_USER}":"${CRUPEST_GROUP}" /data +chmod 700 /data diff --git a/docker/arch-code-server/restore-pacman-conf.py b/docker/arch-code-server/restore-pacman-conf.py new file mode 100755 index 0000000..3486dd3 --- /dev/null +++ b/docker/arch-code-server/restore-pacman-conf.py @@ -0,0 +1,47 @@ +#!/usr/bin/env python3 + +# Fxxk damn shit bash script and linux tools. They just don't work well with text processing, which took me a long time to discover the stupid fact. + +import os +import os.path +import sys +import urllib.request +from http.client import HTTPResponse + +PACMAN_NO_EXTRACT_URL = 'https://gitlab.archlinux.org/archlinux/archlinux-docker/-/raw/master/pacman-conf.d-noextract.conf' + +# check if this is in docker by CRUPEST_IN_DOCKER env +if not os.environ.get('CRUPEST_IN_DOCKER'): + print("Not in docker, exiting!", file=sys.stderr) + exit(1) + +# check if I'm root +if os.geteuid() != 0: + print("Not root, exiting!", file=sys.stderr) + exit(1) + +# check if pacman.conf exists +if not os.path.exists('/etc/pacman.conf'): + print("/etc/pacman.conf does not exist, are you running this in Arch Linux? Exiting!", file=sys.stderr) + exit(2) + +# Download pacman-no-extract file from url +res: HTTPResponse = urllib.request.urlopen(PACMAN_NO_EXTRACT_URL) +if res.status != 200: + print( + f"Failed to download pacman-no-extract file from url: {PACMAN_NO_EXTRACT_URL}, exiting!", file=sys.stderr) + exit(3) + +# Read the content of pacman-no-extract file +pacman_no_extract_content = res.read().decode('utf-8') + +# Read the content of pacman.conf +with open('/etc/pacman.conf', 'r') as f: + pacman_conf_content = f.read() + # remove pacman_no_extract_content from pacman_conf_content + pacman_conf_content = pacman_conf_content.replace( + pacman_no_extract_content, '') + +# Write the content of pacman.conf +with open('/etc/pacman.conf', 'w') as f: + f.write(pacman_conf_content) diff --git a/docker/code-server/Dockerfile b/docker/code-server/Dockerfile deleted file mode 100644 index 180cb7e..0000000 --- a/docker/code-server/Dockerfile +++ /dev/null @@ -1,25 +0,0 @@ -FROM archlinux:latest - -ARG CRUPEST_USER -ARG CRUPEST_GROUP -ARG CRUPEST_UID=1000 -ARG CRUPEST_GID=1000 -ARG CRUPEST_PACKAGES="" -ARG CRUPEST_AUR_PACKAGES="" -ARG USE_CHINA_MIRROR="false" -ARG CHINA_MIRROR_URL="https://mirrors.tuna.tsinghua.edu.cn/archlinux/\$repo/os/\$arch" - -ADD ./archlinux-setup.bash ./archlinux-setup-user.bash ./restore-pacman-conf.py /tmp/ - -ENV CRUPEST_IN_DOCKER="true" -WORKDIR /tmp -RUN /tmp/archlinux-setup.bash -USER ${CRUPEST_UID}:${CRUPEST_GID} -WORKDIR /home/${CRUPEST_USER} -RUN /tmp/archlinux-setup-user.bash - -VOLUME [ "/data" ] -EXPOSE 8080 - -ENV CODE_SERVER_CONFIG="/data/code-server-config.yaml" -ENTRYPOINT [ "code-sever", "--bind-addr", "0.0.0.0:8080" ] diff --git a/docker/code-server/archlinux-setup-user.bash b/docker/code-server/archlinux-setup-user.bash deleted file mode 100755 index 2b39bd2..0000000 --- a/docker/code-server/archlinux-setup-user.bash +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env bash - -# check if we are in docker by CRUPEST_IN_DOCKER -if [ "${CRUPEST_IN_DOCKER}" != "true" ]; then - echo "This script is intended to be run in a docker container." - exit 1 -fi - -cd ~ || exit 1 - -mkdir data - -mkdir aur -cd aur || exit 1 - -# install all aur packages -for aur_package in ${CRUPEST_AUR_PACKAGES} ; do - echo "Installing ${aur_package} from AUR..." - git clone "https://aur.archlinux.org/${aur_package}.git" --depth 1 - pushd "${aur_package}" || exit 1 - makepkg -sr --noconfirm - makepkg --packagelist | sudo pacman -U --noconfirm - - popd || exit 1 -done diff --git a/docker/code-server/archlinux-setup.bash b/docker/code-server/archlinux-setup.bash deleted file mode 100755 index c926384..0000000 --- a/docker/code-server/archlinux-setup.bash +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash - -# check if we are in docker by CRUPEST_IN_DOCKER -if [ "${CRUPEST_IN_DOCKER}" != "true" ]; then - echo "This script is intended to be run in a docker container." - exit 1 -fi - -# check if we are root -if [ "$(id -u)" != "0" ]; then - echo "This script must be run as root." - exit 1 -fi - -# CRUPEST_USER, CRUPEST_UID, CRUPEST_GID must be defined -if [ -z "$CRUPEST_USER" ] || [ -z "$CRUPEST_UID" ] || [ -z "$CRUPEST_GID" ]; then - echo "CRUPEST_USER, CRUPEST_UID, CRUPEST_GID must be defined." - exit 1 -fi - -# if we are in China (by checking USE_CHINA_MIRROR), use the mirror in China -if [ "$USE_CHINA_MIRROR" = "true" ]; then - echo "You have set USE_CHINA_MIRROR to true, using mirror ${CHINA_MIRROR_URL} (set by CHINA_MIRROR_URL) in China." - echo "Server = ${CHINA_MIRROR_URL}" > /etc/pacman.d/mirrorlist -fi - -# from now on, we don't allow error -set -e - -# Update the system and I need python3 -pacman -Syu --noconfirm python - -# execute the restore pacman config script -python3 ./restore-pacman-conf.py - -# reinstall all installed packages -pacman -Qnq | pacman -S --noconfirm --overwrite=* - - -# install new packages -echo "base-devel git ${CRUPEST_PACKAGES}" | tr " " "\n" | pacman -S --noconfirm --needed - - -# if GROUP not defined, set it the same to USER -if [ -z "$CRUPEST_GROUP" ]; then - CRUPEST_GROUP="$CRUPEST_USER" -fi - -# check if GROUP exists. if not create it with GID -if ! grep -q "^${CRUPEST_GROUP}:" /etc/group; then - groupadd -g "$CRUPEST_GID" "$CRUPEST_GROUP" -fi - -# create user for UID and GID -useradd -m -u "${CRUPEST_UID}" -g "${CRUPEST_GID}" "${CRUPEST_USER}" - -# add the user to sudo -echo "${CRUPEST_USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers - -# create data directory and change the permission -mkdir -p /data -chown "${CRUPEST_USER}":"${CRUPEST_GROUP}" /data -chmod 700 /data diff --git a/docker/code-server/restore-pacman-conf.py b/docker/code-server/restore-pacman-conf.py deleted file mode 100755 index 3486dd3..0000000 --- a/docker/code-server/restore-pacman-conf.py +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env python3 - -# Fxxk damn shit bash script and linux tools. They just don't work well with text processing, which took me a long time to discover the stupid fact. - -import os -import os.path -import sys -import urllib.request -from http.client import HTTPResponse - -PACMAN_NO_EXTRACT_URL = 'https://gitlab.archlinux.org/archlinux/archlinux-docker/-/raw/master/pacman-conf.d-noextract.conf' - -# check if this is in docker by CRUPEST_IN_DOCKER env -if not os.environ.get('CRUPEST_IN_DOCKER'): - print("Not in docker, exiting!", file=sys.stderr) - exit(1) - -# check if I'm root -if os.geteuid() != 0: - print("Not root, exiting!", file=sys.stderr) - exit(1) - -# check if pacman.conf exists -if not os.path.exists('/etc/pacman.conf'): - print("/etc/pacman.conf does not exist, are you running this in Arch Linux? Exiting!", file=sys.stderr) - exit(2) - -# Download pacman-no-extract file from url -res: HTTPResponse = urllib.request.urlopen(PACMAN_NO_EXTRACT_URL) -if res.status != 200: - print( - f"Failed to download pacman-no-extract file from url: {PACMAN_NO_EXTRACT_URL}, exiting!", file=sys.stderr) - exit(3) - -# Read the content of pacman-no-extract file -pacman_no_extract_content = res.read().decode('utf-8') - -# Read the content of pacman.conf -with open('/etc/pacman.conf', 'r') as f: - pacman_conf_content = f.read() - # remove pacman_no_extract_content from pacman_conf_content - pacman_conf_content = pacman_conf_content.replace( - pacman_no_extract_content, '') - -# Write the content of pacman.conf -with open('/etc/pacman.conf', 'w') as f: - f.write(pacman_conf_content) diff --git a/template/Caddyfile.template b/template/Caddyfile.template index df917ac..b2d3dd7 100644 --- a/template/Caddyfile.template +++ b/template/Caddyfile.template @@ -16,5 +16,5 @@ timeline.{{CRUPEST_DOMAIN}} { } code.{{CRUPEST_DOMAIN}} { - reverse_proxy code_server:8080 + reverse_proxy code-server:8080 } diff --git a/template/docker-compose.yaml.template b/template/docker-compose.yaml.template index 5cc6d10..699bc6f 100644 --- a/template/docker-compose.yaml.template +++ b/template/docker-compose.yaml.template @@ -32,15 +32,17 @@ services: - internal code-server: + image: crupest/arch-code-server:latest build: - context: ./docker/code-server + context: ./docker/arch-code-server dockerfile: Dockerfile args: - CRUPEST_USER={{CRUPEST_USER}} - CRUPEST_GROUP={{CRUPEST_GROUP}} - CRUPEST_UID={{CRUPEST_UID}} - CRUPEST_GID={{CRUPEST_GID}} - container_name: code_server + - USE_CHINA_MIRROR={{CRUPEST_IN_CHINA}} + container_name: code-server restart: on-failure:3 volumes: - ./data/code-server:/data @@ -52,7 +54,7 @@ services: caddy: image: caddy:latest container_name: caddy - restart: always + restart: on-failure:3 volumes: - ./Caddyfile:/etc/caddy/Caddyfile - ./site:/srv:ro diff --git a/template/generate.py b/template/generate.py index 1c94cda..a929b07 100755 --- a/template/generate.py +++ b/template/generate.py @@ -8,7 +8,7 @@ import grp import sys required_config_keys = set(["CRUPEST_DOMAIN", "CRUPEST_USER", "CRUPEST_GROUP", "CRUPEST_UID", - "CRUPEST_GID", "CRUPEST_HALO_DB_PASSWORD"]) + "CRUPEST_GID", "CRUPEST_HALO_DB_PASSWORD", "CRUPEST_IN_CHINA"]) print("It's happy to see you!\n") @@ -98,6 +98,7 @@ if not os.path.exists(config_path): config["CRUPEST_UID"] = str(os.getuid()) config["CRUPEST_GID"] = str(os.getgid()) config["CRUPEST_HALO_DB_PASSWORD"] = os.urandom(8).hex() + config["CRUPEST_IN_CHINA"] = "false" config_content = "" for key in config: config_content += f"{key}={config[key]}\n" @@ -160,4 +161,4 @@ for filename in filenames: with open(os.path.join(project_dir, filename), "w") as f: f.write(content) -print("\n🍻All done! See you next time!") +print("\n🍻All done! See you next time!\nBy the way, you may wish to run tool/download.py to download some scripts to do some extra setup like creating email user.") diff --git a/tool/.gitignore b/tool/.gitignore new file mode 100644 index 0000000..512ee29 --- /dev/null +++ b/tool/.gitignore @@ -0,0 +1 @@ +docker-mailserver-setup.sh \ No newline at end of file diff --git a/tool/download.py b/tool/download.py new file mode 100755 index 0000000..a77daa1 --- /dev/null +++ b/tool/download.py @@ -0,0 +1,27 @@ +#!/usr/bin/env python3 + +import os.path + +SCRIPTS = [("docker-mailserver setup script", "docker-mailserver-setup.sh", + "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/master/setup.sh")] + +this_script_dir = os.path.dirname(os.path.relpath(__file__)) + +for script in SCRIPTS: + name, filename, url = script + path = os.path.join(this_script_dir, filename) + skip = False + if os.path.exists(path): + print(f"{name} already exists, download and overwrite? (y/N)", end=" ") + if input() != "y": + skip = True + else: + print(f"Download {name} to {path}? (Y/n)", end=" ") + if input() == "n": + skip = True + if not skip: + print(f"Downloading {name}...") + os.system(f"curl -s {url} > {path} && chmod +x {path}") + print(f"Downloaded {name} to {path}.") + else: + print(f"Skipped {name}.") -- cgit v1.2.3