welcome ipfs

myos
Yann Autissier 5 months ago
parent b149a01b75
commit e06266489c
  1. 4
      .env.dist
  2. 14
      CHANGELOG.md
  3. 18
      Makefile
  4. 94
      README.md
  5. 1
      ansible/inventories/host_vars/default
  6. 1
      ansible/inventories/host_vars/localhost
  7. 3
      ansible/roles/hosts/files/etc/cron.d/myos
  8. 33
      ansible/roles/hosts/files/etc/init.d/myos
  9. 4
      ansible/roles/hosts/files/etc/profile.d/rc.sh
  10. 7
      ansible/roles/hosts/files/etc/profile.d/rc_functions.sh
  11. 2
      ansible/roles/hosts/files/etc/systemd/system/ansible.service
  12. 11
      ansible/roles/hosts/handlers/main.yml
  13. 29
      ansible/roles/hosts/tasks/boot.yml
  14. 9
      ansible/roles/hosts/tasks/files.yml
  15. 4
      ansible/roles/hosts/tasks/main.yml
  16. 32
      ansible/roles/hosts/tasks/update.yml
  17. 13
      ansible/roles/hosts/tasks/user.yml
  18. 3
      docker/elastic/curator/docker-entrypoint.sh
  19. 3
      docker/fabio/Dockerfile
  20. 1
      docker/ipfs/ipfs-config.sh
  21. 3
      docker/myos/.screenrc
  22. 32
      docker/myos/.tmux.conf
  23. 69
      docker/myos/Dockerfile
  24. 31
      docker/myos/docker-entrypoint.sh
  25. 1
      docker/registrator/Dockerfile
  26. 2
      docker/theia/.tmux.conf
  27. 2
      docker/theia/.tmux/sessions/aws-preprod
  28. 2
      docker/theia/.tmux/sessions/aws-prod
  29. 5
      docker/theia/Dockerfile
  30. 39
      docker/theia/rc.sh
  31. 283
      docker/theia/rc_functions.sh
  32. 3
      docker/vsftpd-s3/docker-entrypoint.sh
  33. 128
      docker/zen/Dockerfile
  34. 33
      docker/zen/docker-entrypoint.sh
  35. 16
      make/apps/common.mk
  36. 19
      make/apps/def.docker.mk
  37. 2
      make/apps/def.mk
  38. 4
      make/apps/docker.mk
  39. 1
      make/apps/myos/def.mk
  40. 16
      make/apps/myos/node.mk
  41. 6
      make/apps/myos/ssh.mk
  42. 33
      make/def.docker.mk
  43. 3
      make/def.mk
  44. 2
      make/env.mk
  45. 12
      stack/User.mk
  46. 6
      stack/User/.env.dist
  47. 48
      stack/User/User.yml
  48. 1
      stack/User/ipfs/.env.dist
  49. 56
      stack/User/ipfs/ipfs.yml
  50. 1
      stack/ipfs/.env.dist
  51. 45
      stack/ipfs/ipfs.yml
  52. 2
      stack/logs.mk
  53. 24
      stack/node.mk
  54. 7
      stack/node/.env.dist
  55. 4
      stack/node/exporter/.env.dist
  56. 10
      stack/node/exporter/exporter.yml
  57. 1
      stack/node/ipfs/.env.dist
  58. 53
      stack/node/ipfs/ipfs.yml
  59. 68
      stack/node/node.yml
  60. 5
      stack/node/pdns/pdns-recursor.yml
  61. 11
      stack/node/vsftpd/vsftpd-s3.yml
  62. 10
      stack/theia/.env.dist
  63. 16
      stack/theia/theia.yml
  64. 1
      stack/x2go/xfce_debian.yml
  65. 8
      stack/zen.mk
  66. 52
      stack/zen/zen.yml

@ -1,3 +1,5 @@
APP_NAME=myos
APP_TYPE=myos
DOCKER_SERVICE=cli
DOMAIN=localhost
ENV=local
STACK=

@ -1,7 +1,17 @@
# CHANGELOG
## v1.0-beta - 2022-06-30
Pre release, welcome ipfs
* add arm64 support
* add ipfs stack
* add x2go with ssh ecryptfs homedir
* add zen stack
* update docker-compose to v2.5.0
## v1.0-alpha - 2021-07-14
First public release, code is doc
Public release, code is doc
* Licenses update to GPL, as freedom should not allow evil to move faster than god
* update license to GPL as freedom should not allow evil to move faster than god

@ -10,11 +10,15 @@ app-build: user install-build-config
$(foreach service,$(or $(SERVICE),$(SERVICES)),$(call make,app-build-$(service)))
$(call make,docker-commit)
app-install: ansible-run
app-install: ansible-run app-update-default
app-tests: ansible-tests
app-update: ansible-pull app-update-default
app-update-default: ENV_DIST := .env
app-update-default: ENV_FILE := /etc/default/myos
app-update-default: .env-update;
app-start: ssh-add
app-tests: ansible-tests
##
# BOOTSTRAP
@ -24,12 +28,12 @@ app-start: ssh-add
.PHONY: bootstrap-docker
bootstrap-docker: install-bin-docker setup-docker-group setup-binfmt setup-nfsd setup-sysctl
# target bootstrap-host: Fire node target
# target bootstrap-host: Create DOCKER_NETWORK_PUBLIC
# on local host
.PHONY: bootstrap-host
bootstrap-host: node
bootstrap-host: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs
# target bootstrap-user: Fire User target
# target bootstrap-user: Create DOCKER_NETWORK_PRIVATE
# on local host
.PHONY: bootstrap-user
bootstrap-user: User
bootstrap-user: docker-network-create

@ -1,31 +1,111 @@
# myos - Make Your Own Stack
Docker paas based on docker compose files.
## Disclaimer
This is work in progress ;)
## Usage
### Examples
* Configure myos for domain.tld
```shell
$ make bootstrap DOMAIN=domain.tld
```
* Start myos stacks
```shell
$ make node up STACK='zen'
```
`make node` starts the stack node with docker host services :
- consul (service discovery)
- fabio (load balancer)
- ipfs (inter planetary file system)
- registrator (docker/consul bridge)
`make User` starts the stack User with docker user services :
- myos (ssh-agent)
- ipfs (when STACK=zen)
`make up` starts the stack STACK
- zen (when STACK=zen)
* Stop myos
```shell
$ make shutdown
```
* Install myos
```shell
$ make install
```
### Make variables
### Variables
#### DEBUG
* DEBUG
Show debug informations
Show executed commands
```shell
$ make install DEBUG=true
$ make up DEBUG=true
```
#### DRYRUN
* DRYRUN
Do nothing, show commands instead of executing it
```shell
$ make up DRYRUN=true
```
* VERBOSE
Show called functions
```shell
$ make up VERBOSE=true
```
* Show variable VARIABLE
```shell
$ make print-VARIABLE
```
### Debug
* Show docker compose yaml config
```shell
$ make config
```
`make config` show docker compose yaml config for stack STACK
`make stack-node-config` show docker compose yaml config for stack node
`make stack-User-config` show docker compose yaml config for stack User
`make stack-elastic-config` show docker compose yaml config for stack elastic
* Show debug variables
```shell
$ make debug
```
* Generate self documentation
```shell
$ make doc
```
Show commands, do nothing
* Show env args
```shell
$ make install DRYRUN=true
$ make print-env_args
```
## Status

@ -14,6 +14,7 @@ hosts_packages:
- { "name": "ansible", "state": "present" }
hosts_services:
- { "name": "zram", "state": "started", "enabled": "yes" }
hosts_update: true
hosts_user_env:
- ANSIBLE_AWS_ACCESS_KEY_ID
- ANSIBLE_AWS_SECRET_ACCESS_KEY

@ -10,6 +10,7 @@ hosts_git_repositories:
- { "repo": "{{ lookup('env','ANSIBLE_GIT_REPOSITORY') }}", "dest": "{{ lookup('env','ANSIBLE_GIT_DIRECTORY') }}", "key_file": "{{ lookup('env','ANSIBLE_GIT_KEY_FILE') or '~/.ssh/id_rsa' }}", "version": "{{ lookup('env','ANSIBLE_GIT_VERSION') }}" }
hosts_services:
- { "name": "myos", "state": "stopped", "enabled": "yes" }
hosts_update: true
hosts_user_env:
- ANSIBLE_CONFIG
- ANSIBLE_DOCKER_IMAGE_TAG

@ -1,2 +1,3 @@
PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
0 0 * * * root /etc/init.d/myos ansible-pull
@reboot root make ansible-pull > /var/log/ansible-pull.log
0 0 * * * root make ansible-pull > /var/log/ansible-pull.log

@ -16,44 +16,27 @@ NAME="$(basename "$0")"
type make >/dev/null 2>&1 && [ -d "${MYOS}" ] && cd "${MYOS}" || exit 1
case "$1" in
force-stop)
HOOK="stop stack-node-stop"
shift
;;
force-reload)
HOOK="recreate stack-node-recreate"
shift
;;
force-restart)
HOOK="restart stack-node-restart"
shift
;;
force-shutdown)
HOOK="down stack-node-down"
shift
TARGET='force-recreate'
;;
reload)
HOOK="recreate"
shift
;;
shutdown)
HOOK="down"
shift
TARGET="recreate"
;;
start)
echo "Starting $NAME..."
HOOK="up"
shift
TARGET="up"
;;
status)
HOOK="ps"
shift
TARGET="ps"
;;
stop)
echo "Stopping $NAME..."
TARGET="$1"
;;
*)
TARGET="$1"
;;
esac
shift ||:
IFS=$'\n'; exec env $(cat /etc/default/myos ~/.myos 2>/dev/null) make ${HOOK:-} "${@}"
IFS=$'\n'; exec env $(cat /etc/default/myos 2>/dev/null) make ${TARGET:-} ${TARGET_FORCE:-} $@

@ -2,7 +2,7 @@
# file rc.sh: Call user defined functions
## author: Yann "aya" Autissier
## license: GPL
## version: 20210714
## version: 20220630
case $- in
# if this is an interactive shell
@ -24,7 +24,7 @@ case $- in
fi
done
# load user stuff from RC_* env vars
IFS="$(printf '%b_' '\n')"; IFS="${IFS%_}"; for line in $(printenv 2>/dev/null |awk '$0 ~ /^RC_[1-9A-Z_]*=/'); do
IFS="$(printf '%b_' '\n')"; IFS="${IFS%_}"; for line in $(printenv 2>/dev/null |awk '$0 ~ /^RC_[0-9A-Z_]*=/' |sort); do
func_name=$(printf '%s\n' "${line%%=*}" |awk '{print tolower(substr($0,4))}')
eval func_args=\$"${line%%=*}"
[ "${func_args}" = "false" ] && continue

@ -2,7 +2,7 @@
# file rc_functions.sh: Define shell functions
## author: Yann "aya" Autissier
## license: GPL
## version: 20220620
## version: 20220630
# function force: Run a command sine die
force() {
@ -40,9 +40,8 @@ force8() {
# function load_average; Print the current load average
load_average() {
awk '{printf "%.1f\n" $1}' /proc/loadavg 2>/dev/null\
|| uptime 2>/dev/null |awk '{printf "%.1f\n", $(NF-2)}'
}
uptime 2>/dev/null |awk '{printf "%.1f\n", $(NF-2)}'
}
# function process_count: Print number of "processes"/"running processes"/"D-state"
process_count() {

@ -3,7 +3,7 @@ Description=Call myos ansible-pull
[Service]
Type=oneshot
ExecStart=/etc/init.d/myos ansible-pull
ExecStart=make ansible-pull
[Install]
WantedBy=multi-user.target

@ -1,7 +1,7 @@
---
# file: handlers/main.yml
- name: update boot config
- name: update boot - syslinux
environment:
PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin"
with_together:
@ -10,3 +10,12 @@
command: "update-extlinux"
when: item.1.changed and item.0.dest == "/etc/update-extlinux.conf"
- name: update boot - grub
environment:
PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin"
with_together:
- '{{ boot_config }}'
- '{{ boot_config_handler_notify.results }}'
command: "update-grub"
when: item.1.changed and item.0.dest == "/etc/default/grub"

@ -4,10 +4,34 @@
- name: boot - define config
set_fact:
boot_config:
# set clocksource at boot
# set docker optimizations - armbian
- dest: /boot/armbianEnv.txt
line: 'docker_optimizations=on'
regex: ''
# set clocksource - grub
- dest: /etc/default/grub
line: 'GRUB_CMDLINE_LINUX="\1 clocksource=tsc tsc=reliable"'
regex: '^GRUB_CMDLINE_LINUX="((?!.*clocksource=tsc tsc=reliable).*)"$'
# set resources limits - grub
- dest: /etc/default/grub
line: 'GRUB_CMDLINE_LINUX="\1 cgroup_enable=memory swapaccount=1"'
regex: '^GRUB_CMDLINE_LINUX="((?!.*cgroup_enable=memory swapaccount=1).*)"$'
# set clocksource - syslinux
- dest: /etc/update-extlinux.conf
line: 'default_kernel_opts="\1 clocksource=tsc tsc=reliable"'
regex: '^default_kernel_opts="((?!.*clocksource=tsc tsc=reliable).*)"$'
# set resources limits - syslinux
- dest: /etc/update-extlinux.conf
line: 'default_kernel_opts="\1 cgroup_enable=memory swapaccount=1"'
regex: '^default_kernel_opts="((?!.*cgroup_enable=memory swapaccount=1).*)"$'
# set clocksource - uboot
- dest: /boot/cmdline.txt
line: '\1 clocksource=tsc tsc=reliable'
regex: '^((?!.*clocksource=tsc tsc=reliable).*)$'
# set resources limits - uboot
- dest: /boot/cmdline.txt
line: '\1 cgroup_enable=memory swapaccount=1'
regex: '^((?!.*cgroup_enable=memory swapaccount=1).*)$'
- name: boot - stat config file
with_items: '{{boot_config|default([])}}'
@ -28,6 +52,7 @@
regex: '{{item.0.regex}}'
become: yes
notify:
- update boot config
- update boot - syslinux
- update boot - grub
register: boot_config_handler_notify

@ -9,13 +9,6 @@
copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644
become: yes
- name: files - copy myos cron file
when: hosts_update
with_items:
- /etc/cron.d/myos
copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644
become: yes
- name: files - copy binary files
with_items:
- /etc/init.d/myos
@ -26,8 +19,6 @@
- name: files - copy files - systemd
when: ansible_service_mgr|lower == "systemd"
with_items:
- /etc/systemd/system/ansible.service
- /etc/systemd/system/ansible.timer
- /etc/systemd/system/myos.service
- /etc/systemd/system/zram.service
copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644

@ -34,6 +34,10 @@
- import_tasks: ssh.yml
tags:
- ssh
- import_tasks: update.yml
tags:
- update
when: hosts_update|default(false)
- import_tasks: user.yml
tags:
- user

@ -0,0 +1,32 @@
---
# file: tasks/update.yml
- name: update - copy files
with_items:
- /etc/cron.d/myos
copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644
become: yes
- name: update - copy files - systemd
when: ansible_service_mgr|lower == "systemd"
with_items:
- /etc/systemd/system/ansible.service
- /etc/systemd/system/ansible.timer
copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644
become: yes
- name: update - create /root/.myos
become: true
template:
src: myos.j2
dest: ~/.myos
force: no
mode: 0400
- name: update - create /root/Makefile
become: true
template:
src: Makefile.j2
dest: ~/Makefile
force: yes

@ -11,13 +11,6 @@
copy: src="{{ item }}" dest=~/.ssh/ mode=0400
ignore_errors: true
- name: user - create ~/.myos
template:
src: myos.j2
dest: ~/.myos
force: no
mode: 0400
- name: user - create ~/.rc.d
file: path=~/.rc.d/ state={{hosts_user_rc_enable|default(false)|ternary('directory', 'absent')}} mode="0700"
@ -97,9 +90,3 @@
- :filetype plugin indent on
lineinfile: dest=~/.vimrc create=yes line='{{item}}'
- name: user - update ~/Makefile
template:
src: Makefile.j2
dest: ~/Makefile
force: yes

@ -1,6 +1,5 @@
#!/bin/sh
set -euo pipefail
set -o errexit
set -euo errexit
trap 'kill -SIGQUIT $PID' INT

@ -18,5 +18,8 @@ EXPOSE 9998 9999
ENTRYPOINT ["/usr/bin/fabio"]
CMD ["-cfg", "/etc/fabio/fabio.properties"]
HEALTHCHECK CMD status=$(echo -e 'GET /health HTTP/1.0\n' |nc -w 1 localhost 9998 | sed -n '$p') \
&& echo "$status" && [ "$status" = "OK" ] || exit 1
FROM dist as master
ARG DOCKER_BUILD_DIR

@ -15,6 +15,7 @@ ipfs config Pubsub.Router gossipsub
ipfs config --json Experimental.Libp2pStreamMounting true
ipfs config --json Experimental.P2pHttpProxy true
ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8080"
ipfs config Addresses.Api "/ip4/0.0.0.0/tcp/5001"
## REMOVE IPFS BOOTSTRAP
ipfs bootstrap rm --all

@ -0,0 +1,3 @@
hardstatus alwayslastline "%{= kw}[%{G}%H%{-}] \# %?%-Lw%?[%{G}%n%f %t%{-}]%?%+Lw%?%?%=%-17< [%{B}%l%{-}]"
defscrollback 1048576
shell -$SHELL

@ -0,0 +1,32 @@
# this is aya's tmux configuration !
bind r source-file ~/.tmux.conf\; display-message "tmux.conf reloaded!"
bind R move-window -r
bind C-n switch-client -n\; refresh-client -S
bind C-p switch-client -p\; refresh-client -S
bind Escape copy-mode
bind Y run "tmux save-buffer - |xsel -i"
bind P run "xsel -o |tmux load-buffer -; tmux paste-buffer"
bind C-c run "tmux save-buffer - | xclip -i -sel clipboard >/dev/null"
bind C-v run "tmux set-buffer \"$(xclip -o -sel clipboard)\"; tmux paste-buffer"
bind -n S-down new-window
bind -n S-left prev
bind -n S-right next
bind -n C-left swap-window -t -1
bind -n C-right swap-window -t +1
set -g aggressive-resize on
set -g status-keys vi
setw -g mode-keys vi
setw -g window-status-current-bg blue
setw -g window-status-current-fg white
setw -g monitor-activity on
set -g visual-activity on
setw -g automatic-rename on
set -g default-terminal "screen"
set -g history-limit 4242
set -g status-bg black
set -g status-fg white
set -g status-interval 60
set -g status-left-length 30
set -g status-left '<#[fg=green]#S#[default]> '
set -g status-right '#[fg=yellow] %d/%m %H:%M#[default]'
set -g update-environment "SSH_ASKPASS SSH_AUTH_SOCK SSH_AGENT_PID SSH_CONNECTION"

@ -3,6 +3,8 @@ LABEL maintainer aynic.os <support+docker@asycn.io>
ARG DOCKER_BUILD_DIR
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL
ARG OPERATING_SYSTEM=Linux
ARG PROCESSOR_ARCHITECTURE=x86_64
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
@ -12,15 +14,20 @@ ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
RUN apk upgrade --no-cache \
&& apk add --no-cache \
bash \
docker \
curl \
gettext \
git \
gpg \
gpg-agent \
make \
mysql-client \
nano \
netcat-openbsd \
openssh \
postgresql-client \
sudo \
zsh
screen \
socat \
tmux \
wget \
xz
RUN git clone https://github.com/ingydotnet/git-subrepo \
&& cd git-subrepo \
@ -33,7 +40,32 @@ RUN git clone https://github.com/ingydotnet/git-subrepo \
&& cd .. \
&& rm -rf git-subrepo
CMD ["bash"]
ARG IPFS_VERSION=0.13.0
RUN { OS="$(echo ${OPERATING_SYSTEM} |awk '{print tolower($0)}')"; \
ARCH="$(echo ${PROCESSOR_ARCHITECTURE})"; \
wget -qO - https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.${OS}.${ARCH}.tar.xz \
|tar --strip-components 1 -C /usr/local/bin -xJf - shellcheck-stable/shellcheck; } \
&& { ARCH="$(echo ${PROCESSOR_ARCHITECTURE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \
wget -qO - https://github.com/ipfs/go-ipfs/releases/download/v${IPFS_VERSION}/go-ipfs_v${IPFS_VERSION}_${OS}-${ARCH}.tar.gz \
|tar --strip-components 1 -C /usr/local/bin -xzf - go-ipfs/ipfs; } \
&& mkdir -p /usr/local/lib/shellspec \
&& wget -qO - https://github.com/shellspec/shellspec/archive/refs/heads/master.tar.gz \
|tar --strip-components 1 -C /usr/local/lib/shellspec -xzf - \
&& ln -s /usr/local/lib/shellspec/shellspec /usr/local/bin/shellspec
ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/local/bin/cronlock
RUN chmod +rx /usr/local/bin/cronlock
# Setup environment variables; export SSH_AUTH_SOCK from socket directory
ENV SOCKET_DIR /tmp/ssh-agent
ENV SSH_AUTH_SOCK ${SOCKET_DIR}/socket
ENV SSH_AUTH_PROXY_SOCK ${SOCKET_DIR}/proxy-socket
COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["start"]
FROM dist as master
ARG DOCKER_BUILD_DIR
@ -49,6 +81,15 @@ ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
RUN apk add --no-cache \
# docker \
# docker-compose \
# mysql-client \
# postgresql-client \
sudo
# vim \
# zsh
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
# Remove user with $UID if it is not our $USER
@ -77,9 +118,9 @@ RUN [ "$DOCKER_GID" -eq "$DOCKER_GID" ] 2>/dev/null \
|| true
## User groups
RUN adduser $USER docker \
&& adduser $USER wheel \
&& echo '%wheel ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
RUN adduser $USER wheel \
# && adduser $USER docker \
&& echo '%wheel ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers
RUN echo -e "\n\
Host *\n\
@ -103,6 +144,13 @@ Host ssh-bastion\n\
fi \
fi
# Custom rc functions
COPY ansible/roles/hosts/files/etc/profile.d/rc*.sh /etc/profile.d/
RUN mkdir -p $SOCKET_DIR && chown $USER $SOCKET_DIR
VOLUME ${SOCKET_DIR}
USER $USER
ENV SHELL=${SHELL}
WORKDIR /home/$USER
@ -120,3 +168,6 @@ RUN mkdir -p ~/.ssh ~/.config/git \
*.swp\n\
Thumbs.db\n\
" > ~/.config/git/ignore
# dot files
COPY ${DOCKER_BUILD_DIR}/.* /home/$USER/

@ -0,0 +1,31 @@
#!/usr/bin/env sh
set -euo errexit
# Print a debug message if debug mode is on ($DEBUG is not empty)
# @param message
debug_msg ()
{
if [ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ]; then
echo "$@"
fi
}
case "${1:-start}" in
start)
debug_msg "Starting..."
# Create proxy-socket for ssh-agent (to give everyone access to the ssh-agent socket)
debug_msg "Create proxy socket..."
rm -f ${SSH_AUTH_SOCK} ${SSH_AUTH_PROXY_SOCK} > /dev/null 2>&1
socat UNIX-LISTEN:${SSH_AUTH_PROXY_SOCK},perm=0666,fork UNIX-CONNECT:${SSH_AUTH_SOCK} &
debug_msg "Launch ssh-agent..."
exec /usr/bin/ssh-agent -a ${SSH_AUTH_SOCK} -D >/dev/null
;;
*)
debug_msg "Exec: $@"
exec "$@"
;;
esac

@ -33,6 +33,7 @@ RUN apk add --no-cache ca-certificates
COPY --from=build /go/bin/registrator /bin/registrator
ENTRYPOINT ["/bin/registrator"]
HEALTHCHECK CMD kill -SIGUSR1 1
FROM dist as master
ARG DOCKER_BUILD_DIR

@ -1,8 +1,6 @@
# this is aya's tmux configuration !
bind r source-file ~/.tmux.conf\; display-message "tmux.conf reloaded!"
bind R move-window -r
bind M-1 source ~/.tmux/sessions/aws-preprod
bind M-2 source ~/.tmux/sessions/aws-prod
bind C-n switch-client -n\; refresh-client -S
bind C-p switch-client -p\; refresh-client -S
bind Escape copy-mode

@ -1,2 +0,0 @@
new-session -A -s aws-preprod
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^aws\.preprod\.[0-9a-z]+$/' |while read host ip; do type=\${host#*preprod.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-preprod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'root@\$ip'\"'; done"

@ -1,2 +0,0 @@
new-session -A -s aws-prod
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^aws\.prod\.[0-9a-z]+$/' |while read host ip; do type=\${host#*prod.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-prod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'root@\$ip'\"'; done"

@ -223,8 +223,8 @@ Host ssh-bastion\n\
User ${SSH_BASTION_USERNAME}\n\
" >> /etc/ssh/ssh_config
# Custom prompt
COPY ${DOCKER_BUILD_DIR}/rc*.sh /etc/profile.d/
# Custom rc functions
COPY ansible/roles/hosts/files/etc/profile.d/rc*.sh /etc/profile.d/
USER $USER
WORKDIR /home/$USER
@ -250,7 +250,6 @@ Thumbs.db\n\
# dot files
COPY ${DOCKER_BUILD_DIR}/.* /home/$USER/
COPY ${DOCKER_BUILD_DIR}/.tmux /home/$USER/.tmux/
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL

@ -1,39 +0,0 @@
# verify that default functions are loaded
type force >/dev/null 2>&1 || . /etc/profile.d/rc_functions.sh 2>/dev/null
# test current shell flags
case $- in
# if we are in an interactive shell
*i*)
# load user defined stuffs from ~/.rc.d
for user_func in "${HOME}"/.rc.d/*; do
# read files only
[ -f "${user_func}" ] && func_name=$(basename "${user_func}") || continue
func_args=$(cat "${user_func}")
# at this stage, func_name can start with numbers to allow ordering function calls with file names starting with numbers
# func_name must start with a letter, remove all other characters at the beginning of func_name until a letter is found
while [ "${func_name}" != "" ] && [ "${func_name#[a-z]}" = "${func_name}" ]; do
# remove first char of func_name
func_name="${func_name#?}"
done
# call user function with args passed from the content of the user_func file
[ -n "${func_name}" ] && ${func_name} ${func_args} 2>/dev/null
done
# load user defined stuffs from RC_* env vars
IFS=$'\n'; for func_line in $(env 2>/dev/null |awk '$0 ~ /^RC_/ {print tolower(substr($0,4))}'); do
func_name="${func_line%%=*}"
func_args="${func_line#*=}"
[ "${func_args}" = "false" ] && continue
[ "${func_args}" = "true" ] && unset func_args
# at this stage, func_name can start with numbers to allow ordering function calls with file names starting with numbers
# func_name must start with a letter, remove all other characters at the beginning of func_name until a letter is found
while [ "${func_name}" != "" ] && [ "${func_name#[a-z]}" = "${func_name}" ]; do
# remove first char of func_name
func_name="${func_name#?}"
done
# call user function with args passed from the value of the env var
[ -n "${func_name}" ] && ${func_name} ${func_args} 2>/dev/null
done
unset IFS
;;
esac

@ -1,283 +0,0 @@
# shellcheck shell=sh
## rc_function.sh defines customs shell functions
# author: Yann "aya" Autissier
# license: MIT
# updated: 2021/03/04
## force() runs a command sine die
force() {
if [ $# -gt 0 ]; then
while true; do
"$@"
sleep 1
done
fi
}
## force8() runs a command sine die if not already running
force8() {
if [ $# -gt 0 ]; then
while true; do
# awk expression to match $@
[ "$(ps wwx -o args 2>/dev/null |awk -v field="${PS_X_FIELD:-1}" '
BEGIN { nargs=split("'"$*"'",args); }
# first field matched
$field == args[1] {
matched=1;
# match following fields
for (i=1;i<=NF-field;i++) {
if ($(i+field) == args[i+1]) { matched++; }
};
# all fields matched
if (matched == nargs) { found++; }
}
END { print found+0; }'
)" = 0 ] && "$@"
sleep 1
done
fi
}
## load_average() prints the current load average
load_average() {
awk '{printf "%.1f\n" $1}' /proc/loadavg 2>/dev/null\
|| uptime 2>/dev/null |awk '{printf "%.1f\n", $(NF-2)}'
}
## process_count() prints number of "processes"/"running processes"/"D-state"
process_count() {
ps ax -o stat 2>/dev/null |awk '
$1 ~ /R/ {process_running++};
$1 ~ /D/ {process_dstate++};
END { print NR-1"/"process_running+0"/"process_dstate+0; }'
}
## prompt_set() exports custom PROMPT_COMMAND
prompt_set() {
case "${TERM}" in
screen*)
ESCAPE_CODE_DCS="\033k"
ESCAPE_CODE_ST="\033\\"
;;
linux*|xterm*|rxvt*)
ESCAPE_CODE_DCS="\033]0;"
ESCAPE_CODE_ST="\007"
;;
*)
;;
esac
# in a screen
if [ -n "${STY}" ]; then
export PROMPT_COMMAND='printf\
"${ESCAPE_CODE_DCS:-\033]0;}%s${ESCAPE_CODE_ST:-\007}"\
"${PWD##*/}"'
else
export PROMPT_COMMAND='printf\
"${ESCAPE_CODE_DCS:-\033]0;}%s@%s:%s${ESCAPE_CODE_ST:-\007}"\
"${USER}"\
"${HOSTNAME%%.*}"\
"${PWD##*/}"'
fi
unset ESCAPE_CODE_DCS ESCAPE_CODE_ST
}
## ps1_set() exports custom PS1
ps1_set() {
case "$0" in
*sh)
COLOR_DGRAY="\[\033[1;30m\]"
COLOR_RED="\[\033[01;31m\]"
COLOR_GREEN="\[\033[01;32m\]"
COLOR_BROWN="\[\033[0;33m\]"
COLOR_YELLOW="\[\033[01;33m\]"
COLOR_BLUE="\[\033[01;34m\]"
COLOR_CYAN="\[\033[0;36m\]"
COLOR_GRAY="\[\033[0;37m\]"
COLOR_RESET="\[\033[0m\]"
;;
*)
;;
esac
PS1_STATUS="\$?"
PS1_COUNT="${COLOR_DGRAY}[\`
case \"$PS1_STATUS\" in
0)
printf \"${COLOR_BLUE}${PS1_STATUS}\";;
1)
printf \"${COLOR_YELLOW}${PS1_STATUS}\";;
*)
printf \"${COLOR_RED}${PS1_STATUS}\";;
esac
type process_count >/dev/null 2>&1 && printf\
\"${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(process_count 2>/dev/null)\"
type user_count >/dev/null 2>&1 && printf\
\"${PS1_COUNT}${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(user_count 2>/dev/null)\"
type load_average >/dev/null 2>&1 && printf\
\"${PS1_COUNT}${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(load_average 2>/dev/null)\"
\`${COLOR_DGRAY}]${COLOR_RESET}"
PS1_END="${COLOR_DGRAY}\$(
if [ \"\$(id -u)\" = 0 ]; then
printf \"#\";
else
printf \"\$\";
fi
)${COLOR_RESET}"
PS1_GIT="\$(
if type __git_ps1 >/dev/null 2>&1; then
printf \"\$(__git_ps1 2>/dev/null \" (%s)\")\"
else
printf \"\$(BRANCH=\$(git rev-parse --abbrev-ref HEAD 2>/dev/null);\
[ -n \"\${BRANCH}\" ] && printf \" (\${BRANCH})\")\"
fi
)"
PS1_GIT="${COLOR_CYAN}${PS1_GIT}${COLOR_RESET}"
PS1_HOSTNAME_COLOR="\`case \"\${ENV}\" in
[Pp][Rr][0Oo][Dd]*)
printf \"${COLOR_RED}\";;
*)
if [ -n \"\${ENV}\" ]; then
printf \"${COLOR_YELLOW}\";
else
printf \"${COLOR_GREEN}\";
fi;;
esac\`"
PS1_HOSTNAME="${PS1_HOSTNAME_COLOR}\$(hostname |sed 's/\..*//')${COLOR_RESET}"
PS1_USER_COLOR="\$(
if [ \"\$(id -u)\" = 0 ]; then
printf \"${COLOR_RED}\";
else
printf \"${COLOR_BROWN}\";
fi
)"
PS1_USER="${PS1_USER_COLOR}\$(id -nu):\$(id -u)${COLOR_RESET}"
PS1_WORKDIR="${COLOR_GRAY}\$(
pwd |sed 's|^'\${HOME}'\(/.*\)*$|~\1|'
)${COLOR_RESET}"
PS1="${PS1_COUNT}${PS1_USER}${COLOR_DGRAY}@${PS1_HOSTNAME}"
PS1="${PS1}${COLOR_DGRAY}:${PS1_WORKDIR}${PS1_GIT}${PS1_END} "
export 'PS1'
unset PS1_COUNT PS1_END PS1_GIT PS1_HOSTNAME PS1_HOSTNAME_COLOR\
PS1_USER PS1_USER_COLOR PS1_STATUS PS1_WORKDIR
}
## screen_attach() attaches existing screen session or creates a new one
screen_attach() {
command -v screen >/dev/null 2>&1 || return
SCREEN_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${STY}" ]; then
# attach screen in tmux window 0 only ;)
[ -n "${TMUX}" ] \
&& [ "$(tmux list-window 2>/dev/null |awk '$NF == "(active)" {print $1}'\
|sed 's/:$//')" != "0" ] \
&& return
printf 'Attaching screen.' && sleep 1\
&& printf '.' && sleep 1\
&& printf '.' && sleep 1
exec screen -xRR -S "${SCREEN_SESSION}"
fi
unset SCREEN_SESSION
}
## screen_detach() detaches current screen session
screen_detach() {
screen -d
}
## ssh_add() loads all private keys in ~/.ssh/ to ssh agent
ssh_add() {
command -v ssh-agent >/dev/null 2>&1 && command -v ssh-add >/dev/null 2>&1 || return
SSH_AGENT_DIR="/tmp/ssh-$(id -u)"
SSH_AGENT_SOCK="${SSH_AGENT_DIR}/agent@$(hostname |sed 's/\..*//')"
# launch a new agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
[ ! -d "${SSH_AGENT_DIR}" ] \
&& mkdir -p "${SSH_AGENT_DIR}" 2>/dev/null\
&& chmod 0700 "${SSH_AGENT_DIR}"
# search for an already running agent
if ps wwx -o args |awk '$1 ~ "ssh-agent$" && $3 == "'"${SSH_AGENT_SOCK}"'"' |wc -l |grep -q 0; then
rm -f "${SSH_AGENT_SOCK}"
ssh-agent -a "${SSH_AGENT_SOCK}" >/dev/null 2>&1
fi
fi
# attach to agent
export SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-${SSH_AGENT_SOCK}}"
# list private keys to add
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_ADD_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# add private key to agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null || ssh-add "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_AGENT_DIR SSH_AGENT_SOCK SSH_PRIVATE_KEYS
}
## ssh_del() removes all private keys in ~/.ssh/ from ssh agent
ssh_del() {
command -v ssh-add >/dev/null 2>&1 || return
# attach to agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
return
fi
# list private keys to del
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_DEL_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# remove private key from agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null && ssh-add -d "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_PRIVATE_KEYS
}
## tmux_attach() attaches existing tmux session or creates a new one
tmux_attach() {
command -v tmux >/dev/null 2>&1 || return
TMUX_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${TMUX}" ]; then
printf 'Attaching tmux.' && sleep 1\
&& printf '.' && sleep 1\
&& printf '.' && sleep 1
exec tmux -L"${TMUX_SESSION}" new-session -A -s"${TMUX_SESSION}"
fi
unset TMUX_SESSION
}
## tmux_detach() detaches current tmux session
tmux_detach() {
tmux detach
}
## user_count() prints number of "users sessions"/"users"/"logged users"
user_count() {
ps ax -o user,tty 2>/dev/null |awk '
$2 ~ /^(pts|tty)/ { users_session++; logged[$1]++; };
{ count[$1]++; }
END {
for (uc in count) { c = c" "uc; }; users_count=split(c,v," ")-1;
for (ul in logged) { l = l" "ul; }; users_logged=split(l,v," ")-1;
print users_session+0"/"users_count"/"users_logged;
}'
}
# vim:ts=2:sw=2:sts=2:et

@ -1,6 +1,5 @@
#!/bin/ash
set -euo pipefail
set -o errexit
set -euo errexit
trap 'kill -SIGQUIT $PID' INT

@ -0,0 +1,128 @@
FROM debian:bullseye as dist
LABEL maintainer aynic.os <support+docker@asycn.io>
ARG DOCKER_BUILD_DIR
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL
ARG OPERATING_SYSTEM=Linux
ARG PROCESSOR_ARCHITECTURE=x86_64
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
RUN apt-get update \
&& apt-get -fy install \
bash \
curl \
gettext \
git \
gpg \
gpg-agent \
make \
nano \
netcat-openbsd \
openssh-client \
screen \
socat \
tmux \
wget \
xz-utils
ARG IPFS_VERSION=0.13.0
RUN { OS="$(echo ${OPERATING_SYSTEM} |awk '{print tolower($0)}')"; \
ARCH="$(echo ${PROCESSOR_ARCHITECTURE})"; \
wget -qO - https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.${OS}.${ARCH}.tar.xz \
|tar --strip-components 1 -C /usr/local/bin -xJf - shellcheck-stable/shellcheck; } \
&& { ARCH="$(echo ${PROCESSOR_ARCHITECTURE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \
wget -qO - https://github.com/ipfs/go-ipfs/releases/download/v${IPFS_VERSION}/go-ipfs_v${IPFS_VERSION}_${OS}-${ARCH}.tar.gz \
|tar --strip-components 1 -C /usr/local/bin -xzf - go-ipfs/ipfs; } \
&& mkdir -p /usr/local/lib/shellspec \
&& wget -qO - https://github.com/shellspec/shellspec/archive/refs/heads/master.tar.gz \
|tar --strip-components 1 -C /usr/local/lib/shellspec -xzf - \
&& ln -s /usr/local/lib/shellspec/shellspec /usr/local/bin/shellspec
ADD https://raw.github.com/aya/dpgpid/master/keygen /usr/local/bin/keygen
RUN chmod +rx /usr/local/bin/keygen
ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/local/bin/cronlock
RUN chmod +rx /usr/local/bin/cronlock
ADD https://git.p2p.legal/axiom-team/astrXbian/raw/branch/master/include.sh /
ADD https://git.p2p.legal/axiom-team/astrXbian/raw/branch/master/install.sh /
RUN chmod +r /include.sh \
&& chmod +rx /install.sh
# COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
# ENTRYPOINT ["/docker-entrypoint.sh"]
# CMD ["/bin/sh"]
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG DOCKER_GID
ARG SHELL=/bin/bash
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
RUN apt-get -fy install \
cron \
pkg-config \
python3 \
sudo
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
# Remove user with $UID if it is not our $USER
&& if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \
sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \
sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \
fi \
# Force $UID if our $USER already exists
&& sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \
&& sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \
# Create $USER if it does not exist
&& if [ "$(getent passwd $UID)" = "" ]; then \
echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \
echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \
echo "$USER:x:$GID:" >> /etc/group; \
fi \
&& mkdir -p /home/$USER \
&& chown $UID:$GID /home/$USER \
|| true
# If we provide a numeric DOCKER_GID
RUN [ "$DOCKER_GID" -eq "$DOCKER_GID" ] 2>/dev/null \
&& if [ "$(getent group docker |awk -F: '{print $3}')" != "$DOCKER_GID" ]; then \
sed -i 's/^docker:x:[0-9]\+:/docker:x:'$DOCKER_GID':/' /etc/group; \
fi \
|| true
## group sudo
RUN adduser $USER sudo \
&& echo '%sudo ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers
USER $USER
ENV SHELL=${SHELL}
WORKDIR /home/$USER
# git config
RUN mkdir -p ~/.config/git \
&& echo -e "\
.DS_Store\n\
.idea/\n\
.nfs*\n\
*~\n\
*.log\n\
*.swp\n\
Thumbs.db\n\
" > ~/.config/git/ignore
RUN bash -c '. /include.sh && install_requirements'
COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["start"]

@ -0,0 +1,33 @@
#!/usr/bin/env sh
set -euo errexit
# Print a debug message if debug mode is on ($DEBUG is not empty)
# @param message
debug_msg ()
{
if [ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ]; then
echo "$@"
fi
}
# Install astrXbian/Astroport.ONE
# /install.sh
case "${1:-start}" in
start)
debug_msg "Starting..."
exec sudo /usr/sbin/cron -f -L/dev/stdout
;;
install)
debug_msg "Installing..."
exec /install.sh
;;
*)
debug_msg "Exec: $@"
exec "$@"
;;
esac

@ -81,6 +81,11 @@ exec@%: SERVICE ?= $(DOCKER_SERVICE)
exec@%:
$(call make,ssh-exec,$(MYOS),APP ARGS SERVICE)
# target force-%: Fire targets % and stack-node-%
# on local host
.PHONY: force-%
force-%: % stack-node-%;
# target install app-install: Install application
# on local host
.PHONY: install app-install
@ -150,6 +155,11 @@ run@%:
.PHONY: scale
scale: docker-compose-scale ## Scale SERVICE application to NUM dockers
# target shutdown: remove application, node and user dockers
# on local host
.PHONY: shutdown
shutdown: force-down ## Shutdown all dockers
# target ssh@%: Connect to % ENV
# on first remote host
.PHONY: ssh@%
@ -159,7 +169,7 @@ ssh@%:
# target stack: Call docker-stack for each STACK
## it updates COMPOSE_FILE with all .yml files of the current stack
.PHONY: stack
stack:
stack: docker-network-create
$(foreach stackz,$(STACK),$(call docker-stack,$(stackz)))
# target stack-%: Call docker-compose-% target on STACK
@ -172,7 +182,7 @@ stack-%:
$(eval command := $(lastword $(subst -, ,$*)))
$(if $(findstring -,$*), \
$(if $(filter $(command),$(filter-out %-%,$(patsubst docker-compose-%,%,$(filter docker-compose-%,$(MAKE_TARGETS))))), \
$(call make,docker-compose-$(command) STACK="$(stack)" $(if $(filter $(COMPOSE_PROJECT_NAME_NODE),$(stack)),COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME_NODE)),,ARGS COMPOSE_IGNORE_ORPHANS SERVICE)))
$(call make,docker-compose-$(command) STACK="$(stack)",,ARGS COMPOSE_IGNORE_ORPHANS SERVICE User node)))
# target start app-start: Start application dockers
# on local host
@ -192,7 +202,7 @@ tests: app-tests ## Test application
# target up: Create and start application dockers
# on local host
.PHONY: up
up: docker-compose-up app-start ## Create application dockers
up: stack-required docker-compose-up app-start ## Create application dockers
# target update app-update: Update application files
# on local host

@ -29,6 +29,7 @@ DOCKER_BUILD_TARGETS ?= $(ENV_DEPLOY)
DOCKER_BUILD_VARS ?= APP BRANCH COMPOSE_VERSION DOCKER_GID DOCKER_REPOSITORY GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME OPERATING_SYSTEM PROCESSOR_ARCHITECTURE SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PRIVATE_IP_RANGE SSH_PUBLIC_HOST_KEYS SSH_REMOTE_HOSTS UID USER VERSION
DOCKER_COMPOSE ?= $(if $(DOCKER_RUN),docker/compose:$(COMPOSE_VERSION),$(or $(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'),docker-compose)) $(COMPOSE_ARGS)
DOCKER_COMPOSE_DOWN_OPTIONS ?=
DOCKER_COMPOSE_RUN_OPTIONS ?= --rm
DOCKER_COMPOSE_UP_OPTIONS ?= -d
DOCKER_IMAGE_TAG ?= $(if $(filter $(ENV),$(ENV_DEPLOY)),$(VERSION),$(if $(DRONE_BUILD_NUMBER),$(DRONE_BUILD_NUMBER),latest))
DOCKER_IMAGES ?= $(patsubst %/,%,$(patsubst docker/%,%,$(dir $(wildcard docker/*/Dockerfile))))
@ -56,32 +57,18 @@ DOCKER_COMPOSE_DOWN_OPTIONS := --rmi all -v
DOCKER_COMPOSE_UP_OPTIONS := -d --build
endif
# https://github.com/docker/libnetwork/pull/2348
ifeq ($(OPERATING_SYSTEM),Darwin)
DOCKER_HOST_IFACE ?= $(shell docker run --rm -it --net=host alpine /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$5}' |awk '!seen[$$0]++' |head -1)
DOCKER_HOST_INET ?= $(shell docker run --rm -it --net=host alpine /sbin/ip -4 addr show $(DOCKER_HOST_IFACE) 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}')
DOCKER_INTERNAL_DOCKER_GATEWAY ?= $(shell docker run --rm -it alpine getent hosts gateway.docker.internal 2>/dev/null |awk '{print $$1}' |head -1)
DOCKER_INTERNAL_DOCKER_HOST ?= $(shell docker run --rm -it alpine getent hosts host.docker.internal 2>/dev/null |awk '{print $$1}' |head -1)
else
DOCKER_HOST_IFACE ?= $(shell /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$5}' |awk '!seen[$$0]++' |head -1)
DOCKER_HOST_INET ?= $(shell /sbin/ip -4 addr show $(DOCKER_HOST_IFACE) 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}')
DOCKER_INTERNAL_DOCKER_GATEWAY ?= $(shell /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$3}' |awk '!seen[$$0]++' |head -1)
DOCKER_INTERNAL_DOCKER_HOST ?= $(shell /sbin/ip addr show docker0 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}')
endif