From 14a4f865249bffe2071a081b1922fc551f014017 Mon Sep 17 00:00:00 2001 From: "aynic.os" Date: Sat, 4 Jun 2022 02:24:35 +0200 Subject: [PATCH] fix make install --- ansible/def.ansible.mk | 3 +- ansible/roles/docker/tasks/config.yml | 2 +- ansible/roles/docker/tasks/files.yml | 14 --------- ansible/roles/hosts/files/.bash_profile | 7 +++-- ansible/roles/hosts/files/.dircolors_aliases | 7 ----- ansible/roles/hosts/files/.docker_aliases | 1 - .../hosts/files/{.profile => .sh_profile} | 5 ++-- ansible/roles/hosts/files/.vim_aliases | 1 - ansible/roles/hosts/files/etc/init.d/myos | 12 +++----- .../hosts/files/etc/profile.d/rc_functions.sh | 3 +- ansible/roles/hosts/tasks/config.yml | 12 +------- ansible/roles/hosts/tasks/git.yml | 2 +- ansible/roles/hosts/tasks/user.yml | 12 ++++---- ansible/roles/remotes/tasks/git.yml | 2 +- docker/compose/Dockerfile | 2 +- docker/fabio/Dockerfile | 2 +- docker/registrator/Dockerfile | 30 +++++-------------- make/def.mk | 2 +- make/env.mk | 2 +- stack/node/node.yml | 9 +++++- 20 files changed, 46 insertions(+), 84 deletions(-) delete mode 100644 ansible/roles/hosts/files/.dircolors_aliases delete mode 100644 ansible/roles/hosts/files/.docker_aliases rename ansible/roles/hosts/files/{.profile => .sh_profile} (85%) delete mode 100644 ansible/roles/hosts/files/.vim_aliases diff --git a/ansible/def.ansible.mk b/ansible/def.ansible.mk index 0f7699d..0c5296e 100644 --- a/ansible/def.ansible.mk +++ b/ansible/def.ansible.mk @@ -1,3 +1,4 @@ +ANSIBLE_APP_TYPE ?= myos ANSIBLE_ARGS ?= $(if $(filter-out 0,$(UID)),$(if $(shell sudo -l 2>/dev/null |grep 'NOPASSWD: ALL'),,--ask-become-pass))$(if $(DOCKER_RUN),$(if $(shell ssh-add -l >/dev/null 2>&1 || echo false), --ask-pass)) ANSIBLE_AWS_ACCESS_KEY_ID ?= $(AWS_ACCESS_KEY_ID) ANSIBLE_AWS_DEFAULT_OUTPUT ?= $(AWS_DEFAULT_OUTPUT) @@ -29,7 +30,7 @@ ANSIBLE_USERNAME ?= $(USER) ANSIBLE_VERBOSE ?= $(if $(DEBUG),-vvvv,$(if $(VERBOSE),-v)) CMDS += ansible ansible-playbook DOCKER_RUN_OPTIONS += $(if $(DOCKER_INTERNAL_DOCKER_HOST),--add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST)) -ENV_VARS += ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_MYOS ANSIBLE_PLAYBOOK ANSIBLE_SSH_AUTHORIZED_KEYS ANSIBLE_SSH_BASTION_HOSTNAME ANSIBLE_SSH_BASTION_USERNAME ANSIBLE_SSH_PRIVATE_IP_RANGE ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_SSH_PUBLIC_HOSTS ANSIBLE_SSH_USERNAME ANSIBLE_USERNAME ANSIBLE_VERBOSE +ENV_VARS += ANSIBLE_APP_TYPE ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_MYOS ANSIBLE_PLAYBOOK ANSIBLE_SSH_AUTHORIZED_KEYS ANSIBLE_SSH_BASTION_HOSTNAME ANSIBLE_SSH_BASTION_USERNAME ANSIBLE_SSH_PRIVATE_IP_RANGE ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_SSH_PUBLIC_HOSTS ANSIBLE_SSH_USERNAME ANSIBLE_USERNAME ANSIBLE_VERBOSE # function ansible: Call run ansible ANSIBLE_ARGS with arg 1 define ansible diff --git a/ansible/roles/docker/tasks/config.yml b/ansible/roles/docker/tasks/config.yml index fe1ee9e..5dc1713 100644 --- a/ansible/roles/docker/tasks/config.yml +++ b/ansible/roles/docker/tasks/config.yml @@ -13,7 +13,7 @@ ignore_errors: true - name: config - add docker daemon storage configuration - when: false and docker_package|length > 0 + when: docker_package|length > 0 template: src: daemon.json.j2 dest: "{{docker_daemon_config_file}}" diff --git a/ansible/roles/docker/tasks/files.yml b/ansible/roles/docker/tasks/files.yml index 76aba9c..800ebba 100644 --- a/ansible/roles/docker/tasks/files.yml +++ b/ansible/roles/docker/tasks/files.yml @@ -1,20 +1,6 @@ --- # file: tasks/files.yml -- name: files - copy files - with_items: - - /usr/local/bin/docker-build - - /usr/local/bin/docker-cleanup - - /usr/local/bin/docker-cleanup-images - - /usr/local/bin/docker-cleanup-volumes - - /usr/local/bin/docker-log-cleanup - - /usr/local/bin/docker-log-truncate - - /usr/local/bin/docker-run - - /usr/local/bin/docker-get-image - - /usr/local/bin/docker-get-status - copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0755 - become: yes - - name: files - copy sysctl configuration files with_items: - /etc/sysctl.d/docker.conf diff --git a/ansible/roles/hosts/files/.bash_profile b/ansible/roles/hosts/files/.bash_profile index d7a82fd..fafc60b 100644 --- a/ansible/roles/hosts/files/.bash_profile +++ b/ansible/roles/hosts/files/.bash_profile @@ -1,11 +1,12 @@ +# shellcheck shell=bash source=/dev/null # ~/.bash_profile: executed by the command interpreter for bash login shell. -[ -f ~/.profile ] && source ~/.profile +[ -f ~/.sh_profile ] && . ~/.sh_profile # bash-completion if ! shopt -oq posix && [ -z "${BASH_COMPLETION_VERSINFO-}" ]; then - if [ ${BASH_VERSINFO[0]} -gt 4 ] \ - || [ ${BASH_VERSINFO[0]} -eq 4 -a ${BASH_VERSINFO[1]} -ge 1 ]; then + if [ "${BASH_VERSINFO[0]}" -gt 4 ] \ + || { [ "${BASH_VERSINFO[0]}" -eq 4 ] && [ "${BASH_VERSINFO[1]}" -ge 1 ] ;}; then shopt -q progcomp && for file in \ /{*/local,usr}/share/bash-completion/bash_completion \ /etc/bash_completion; do diff --git a/ansible/roles/hosts/files/.dircolors_aliases b/ansible/roles/hosts/files/.dircolors_aliases deleted file mode 100644 index e578625..0000000 --- a/ansible/roles/hosts/files/.dircolors_aliases +++ /dev/null @@ -1,7 +0,0 @@ -test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" -alias ls='ls --color=auto' -alias dir='dir --color=auto' -alias vdir='vdir --color=auto' -alias grep='grep --color=auto' -alias fgrep='fgrep --color=auto' -alias egrep='egrep --color=auto' diff --git a/ansible/roles/hosts/files/.docker_aliases b/ansible/roles/hosts/files/.docker_aliases deleted file mode 100644 index b391747..0000000 --- a/ansible/roles/hosts/files/.docker_aliases +++ /dev/null @@ -1 +0,0 @@ -alias ctop='docker run --rm -it -v /var/run/docker.sock:/var/run/docker.sock:ro quay.io/vektorlab/ctop:latest' diff --git a/ansible/roles/hosts/files/.profile b/ansible/roles/hosts/files/.sh_profile similarity index 85% rename from ansible/roles/hosts/files/.profile rename to ansible/roles/hosts/files/.sh_profile index 0a3cb24..9345639 100644 --- a/ansible/roles/hosts/files/.profile +++ b/ansible/roles/hosts/files/.sh_profile @@ -1,4 +1,5 @@ -# ~/.profile: executed by the command interpreter for login shells. +# shellcheck shell=sh source=/dev/null +# ~/.sh_profile: executed by the command interpreter for login shells. # set -x # source ~/.*aliases and ~/.*functions files @@ -24,7 +25,7 @@ for file in "$HOME"/.*shrc; do # remove $HOME/. prefix from file file="${file#${HOME}/.}" # source file if match current shell - [ "$(basename ${SHELL})" = "${file%rc}" ] && . "${HOME}/.$file" + [ "$(basename "${SHELL}")" = "${file%rc}" ] && . "${HOME}/.$file" done # set PATH to include user's bin diff --git a/ansible/roles/hosts/files/.vim_aliases b/ansible/roles/hosts/files/.vim_aliases deleted file mode 100644 index 924a904..0000000 --- a/ansible/roles/hosts/files/.vim_aliases +++ /dev/null @@ -1 +0,0 @@ -alias vi='vim' diff --git a/ansible/roles/hosts/files/etc/init.d/myos b/ansible/roles/hosts/files/etc/init.d/myos index 5da8dd9..1303c65 100755 --- a/ansible/roles/hosts/files/etc/init.d/myos +++ b/ansible/roles/hosts/files/etc/init.d/myos @@ -1,4 +1,5 @@ #!/bin/bash +# shellcheck source=/dev/null disable=SC2046 ### BEGIN INIT INFO # Provides: myos # Required-Start: docker @@ -8,16 +9,11 @@ # Description: MYOS system calls ### END INIT INFO -set -e - # check system config -[ -r /etc/default/myos ] && . /etc/default/myos || exit 1 -type make >/dev/null 2>&1 && [ -d "${MYOS}" ] || exit 2 - -# load user config -[ -r ~/.myos ] && . ~/.myos +[ -r /etc/default/myos ] && . /etc/default/myos 2>/dev/null +type make >/dev/null 2>&1 && [ -d "${MYOS}" ] || exit 1 case "$1" in *) - IFS=$'\n'; exec sh -c "cd ${MYOS} && exec make $@ $(cat /etc/default/myos ~/.myos 2>/dev/null)" + IFS=$'\n'; cd "${MYOS}"; exec env $(cat /etc/default/myos ~/.myos 2>/dev/null) make "$@" esac diff --git a/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh b/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh index 9f4fec9..bc2cedb 100644 --- a/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh +++ b/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh @@ -254,7 +254,8 @@ ssh_del() { tmux_attach() { command -v tmux >/dev/null 2>&1 || return TMUX_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')" - if [ -z "${TMUX}" ]; then + # do not attach tmux in screen ;) + if [ -z "${TMUX}" -a -z "${STY}" ]; then printf 'Attaching tmux.' && sleep 1\ && printf '.' && sleep 1\ && printf '.' && sleep 1 diff --git a/ansible/roles/hosts/tasks/config.yml b/ansible/roles/hosts/tasks/config.yml index c4a0c6b..2b617b0 100644 --- a/ansible/roles/hosts/tasks/config.yml +++ b/ansible/roles/hosts/tasks/config.yml @@ -1,19 +1,9 @@ --- # file: tasks/config.yml -- name: config - do not run docker-compose in docker - arch != x86 - when: ansible_machine|lower != "x86_64" - with_items: - - DOCKER=false - lineinfile: - path: /etc/default/myos - create: yes - line: '{{ item }}' - mode: '0644' - become: yes - - name: config - set MYOS config in /etc/default/myos with_items: + - APP_TYPE={{ lookup('env','ANSIBLE_APP_TYPE') }} - MYOS={{ lookup('env','ANSIBLE_MYOS') }} lineinfile: path: /etc/default/myos diff --git a/ansible/roles/hosts/tasks/git.yml b/ansible/roles/hosts/tasks/git.yml index c814f03..d57e659 100644 --- a/ansible/roles/hosts/tasks/git.yml +++ b/ansible/roles/hosts/tasks/git.yml @@ -5,7 +5,7 @@ with_items: "{{ hosts_git_repositories|default([]) }}" git: repo: "{{ item.repo }}" - dest: "{{ item.dest|default('/dns') }}" + dest: "{{ item.dest }}" umask: "022" key_file: "{{ item.key_file|default('~/.ssh/id_rsa') }}" version: "{{ item.version|default('HEAD') }}" diff --git a/ansible/roles/hosts/tasks/user.yml b/ansible/roles/hosts/tasks/user.yml index 1f41f31..5cad9e3 100644 --- a/ansible/roles/hosts/tasks/user.yml +++ b/ansible/roles/hosts/tasks/user.yml @@ -34,21 +34,23 @@ - name: user - copy ~/.*aliases ~/.*profile ~/.shrc with_items: - - ".dircolors_aliases" - - ".docker_aliases" - - ".vim_aliases" - ".bash_profile" - - ".profile" + - ".sh_profile" - ".shrc" copy: src=../files/{{item}} dest=~/{{item}} mode="0640" backup="yes" - name: user - update ~/.bashrc with_items: - PS1="╭∩╮$PS1" - - source .shrc + - source ~/.shrc - unset user_count process_count lineinfile: dest=~/.bashrc create=yes line='{{item}}' +- name: user - update ~/.profile + with_items: + - source ~/.sh_profile + lineinfile: dest=~/.profile create=yes line='{{item}}' + - name: user - update ~/.config/git/ignore with_items: - '.nfs*' diff --git a/ansible/roles/remotes/tasks/git.yml b/ansible/roles/remotes/tasks/git.yml index d7ac7a3..af51704 100644 --- a/ansible/roles/remotes/tasks/git.yml +++ b/ansible/roles/remotes/tasks/git.yml @@ -5,7 +5,7 @@ with_items: "{{ git_repositories|default([]) }}" git: repo: "{{ item.repo }}" - dest: "{{ item.dest|default('/src') }}" + dest: "{{ item.dest }}" umask: "022" key_file: "{{ item.key_file|default('~/.ssh/id_rsa') }}" version: "{{ item.version|default('HEAD') }}" diff --git a/docker/compose/Dockerfile b/docker/compose/Dockerfile index c08cd67..4a05a11 100644 --- a/docker/compose/Dockerfile +++ b/docker/compose/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.15 as dist +FROM alpine:latest as dist LABEL maintainer aynic.os ARG DOCKER_BUILD_DIR diff --git a/docker/fabio/Dockerfile b/docker/fabio/Dockerfile index 72e7000..e0edcfb 100644 --- a/docker/fabio/Dockerfile +++ b/docker/fabio/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.15 as dist +FROM alpine:latest as dist LABEL maintainer aynic.os ARG DOCKER_BUILD_DIR diff --git a/docker/registrator/Dockerfile b/docker/registrator/Dockerfile index 26014d5..ceece19 100644 --- a/docker/registrator/Dockerfile +++ b/docker/registrator/Dockerfile @@ -9,31 +9,17 @@ ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME} ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL} -WORKDIR /go/src/github.com/gliderlabs/registrator/ +WORKDIR /go/src/github.com/auto1-oss/registrator/ RUN \ - apk add --no-cache curl git \ - && git clone https://github.com/gliderlabs/registrator/ . \ - && git reset --hard 4322fe00304d6de661865721b073dc5c7e750bd2 \ + apk add --no-cache git \ + && git clone https://github.com/auto1-oss/registrator/ . \ + && git reset --hard 378a4ead31adfdae6550e112bfc186f1d1bed632 \ # -useIpFromNetwork \ - && git fetch origin pull/596/head \ - && git merge --no-edit 8d904c60949e310893a25c8af3636b0151334dd4 \ + && git fetch origin pull/18/head \ + && git merge --no-edit 5ee80693b8057d92f261b87705445a1b989239ce \ # fix SERVICE_CHECK_SCRIPT - && git fetch origin pull/686/head \ - && git merge --no-edit 097305157a6a2c0c236fa430c17498c895536782 \ -# # skip tls verification -# && git fetch origin pull/661/head \ -# && git merge --no-edit 38fc83ac07b4a070be71079cb810429d94a60205 \ -# # prevent publishing ip twice \ -# && git fetch origin pull/703/head \ -# && git merge --no-edit b628dcd0edacfb2d3e5f0a6f486b23339f35e82a \ -# # -useIpFromEnv -# && git fetch origin pull/674/head \ -# && git merge --no-edit 4fe9e216d9747e25ae5aa9d40f2246861c032dd1 \ - && curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh \ - && dep ensure -vendor-only \ - && go mod init \ - && go mod tidy \ - && go mod vendor \ + && git fetch origin pull/19/head \ + && git merge --no-edit 9cfdfbee07dc6153af70f032eefc848af101fa7d \ && CGO_ENABLED=0 GOOS=linux go build \ -a -installsuffix cgo \ -ldflags "-X main.Version=$(cat VERSION)" \ diff --git a/make/def.mk b/make/def.mk index ebfac6d..53244f3 100644 --- a/make/def.mk +++ b/make/def.mk @@ -82,7 +82,7 @@ MAKE_ENV_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLE MAKE_FILE_ARGS ?= $(foreach var,$(filter $(ENV_VARS),$(MAKE_FILE_VARS)),$(var)='$($(var))') MAKE_FILE_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLES,$(.VARIABLES)), $(if $(filter file,$(origin $(var))),$(var)))) MAKE_OLDFILE ?= $@ -MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$#\/\t=]*:([^=]|$$)/ {print $$1}' |sort -u)) +MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$\#\/\t=]*:([^=]|$$)/ {print $$1}' |sort -u)) MAKE_UNIXTIME_START := $(shell date -u +'%s' 2>/dev/null) MAKE_UNIXTIME_CURRENT = $(shell date -u "+%s" 2>/dev/null) MAKE_VARS ?= ENV diff --git a/make/env.mk b/make/env.mk index 6f3a049..29a3d92 100644 --- a/make/env.mk +++ b/make/env.mk @@ -71,7 +71,7 @@ endef # add variables definition to the .env file define .env_update $(call INFO,.env_update,$(env_file) $(env_dist) $(env_over)) - touch $(env_file) + touch $(env_file) $(if $(VERBOSE)$(DEBUG),,2> /dev/null) printenv \ |awk -F '=' 'NR == FNR { if($$1 !~ /^(#|$$)/) { A[$$1]; next } } !($$1 in A)' - $(env_dist) \ |cat $(env_over) - \ diff --git a/stack/node/node.yml b/stack/node/node.yml index 47c8ba7..2923199 100644 --- a/stack/node/node.yml +++ b/stack/node/node.yml @@ -82,9 +82,14 @@ services: - IPFS_VERSION=0.13.0-rc1 context: ../.. dockerfile: docker/ipfs/Dockerfile - image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG} + command: daemon --migrate=true --mount + cap_add: + - SYS_ADMIN + devices: + - /dev/fuse:/dev/fuse environment: - IPFS_PROFILE=${IPFS_PROFILE} + image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG} labels: - SERVICE_4001_CHECK_TCP=true - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:4001 @@ -100,6 +105,8 @@ services: - 4001:4001 - 5001/tcp - 8080/tcp + security_opt: + - apparmor:unconfined ulimits: nofile: soft: 65536