STI
/
myos
3
2
Fork 1
Code Issues 3 Pull Requests Projects Releases Wiki Activity

Compare commits

base: STI:15227453ec3bf41ae96062f671a8c830fc7c4fb9
Branches Tags
STI:master
STI:develop
STI:tmp
STI:yaip
...
compare: STI:97cd91a020ca418dc686eabcb35ab5b7aabf83ab
Branches Tags
STI:master
STI:develop
STI:tmp
STI:yaip

4 Commits
15227453ec ... 97cd91a020

Author SHA1 Message Date
aynic.os 97cd91a020 wip 2021-06-14 12:52:48 +02:00
aynic.os 743e874c59 lol 2021-06-13 02:14:49 +02:00
aynic.os 4f390ce36a verbose mode 2021-06-12 04:58:29 +02:00
aynic.os 5e659fbfe0 wip 2021-06-09 03:41:47 +02:00
93 changed files with 1251 additions and 1343 deletions
Show Stats Expand all files Collapse all files

2
.env.dist
View File

@ -1,3 +1 @@
APP=myos
DOCKER_SERVICE=cli
ENV=dist

2
Makefile
View File

@ -12,4 +12,4 @@ app-build: base install-build-config
app-install: base node
app-start: base-ssh-add
app-start: ssh-add

18
README.md
View File

@ -10,6 +10,24 @@ This is work in progress ;)
$ make install
```
### Make variables
#### DEBUG
Show debug informations
```shell
$ make install DEBUG=true
```
#### DRYRUN
Show commands, do nothing
```shell
$ make install DRYRUN=true
```
## Status
Use it at your own risks.

20
ansible/ansible.mk
View File

@ -1,15 +1,11 @@
# target ansible: Fire docker-build-ansible, Call ansible ANSIBLE_ARGS ARGS or ansible-run target
.PHONY: ansible
ansible: docker-build-ansible
ifneq ($(ARGS),)
ansible: $(if $(DOCKER_RUN),docker-build-ansible)
$(call ansible,$(ANSIBLE_ARGS) $(ARGS))
else
$(call make,ansible-run)
endif
# target ansible-playbook: Call ansible-playbook ANSIBLE_ARGS ARGS
.PHONY: ansible-playbook
ansible-playbook:
ansible-playbook: $(if $(DOCKER_RUN),docker-build-ansible)
$(call ansible-playbook,$(ANSIBLE_ARGS) $(ARGS))
# target ansible-pull: Call ansible-pull ANSIBLE_GIT_REPOSITORY ANSIBLE_PLAYBOOK
@ -17,16 +13,16 @@ ansible-playbook:
ansible-pull:
$(call ansible-pull,--url $(ANSIBLE_GIT_REPOSITORY) $(if $(ANSIBLE_GIT_KEY_FILE),--key-file $(ANSIBLE_GIT_KEY_FILE)) $(if $(ANSIBLE_GIT_VERSION),--checkout $(ANSIBLE_GIT_VERSION)) $(if $(ANSIBLE_GIT_DIRECTORY),--directory $(ANSIBLE_GIT_DIRECTORY)) $(if $(ANSIBLE_TAGS),--tags $(ANSIBLE_TAGS)) $(if $(ANSIBLE_EXTRA_VARS),--extra-vars '$(ANSIBLE_EXTRA_VARS)') $(if $(findstring true,$(FORCE)),--force) $(if $(findstring true,$(DRYRUN)),--check) --full $(if $(ANSIBLE_INVENTORY),--inventory $(ANSIBLE_INVENTORY)) $(ANSIBLE_PLAYBOOK))
# target ansible-pull@%: Fire get-PrivateIpAddress-% for SERVER_NAME, Call ssh-exec make ansible-pull DOCKER_IMAGE_TAG
# target ansible-pull@%: Fire ssh-get-PrivateIpAddress-% for SERVER_NAME, Call ssh-exec make ansible-pull DOCKER_IMAGE_TAG
.PHONY: ansible-pull@%
ansible-pull@%: get-PrivateIpAddress-$(SERVER_NAME)
ansible-pull@%: ssh-get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-exec,$(AWS_INSTANCE_IP),make ansible-pull ANSIBLE_DOCKER_IMAGE_TAG=$(ANSIBLE_DOCKER_IMAGE_TAG) ANSIBLE_TAGS=$(ANSIBLE_TAGS) FORCE=$(FORCE))
# target ansible-run: Fire base-ssh-add docker-build-ansible ansible-run-localhost
# target ansible-run: Fire ssh-add ansible-run-localhost
.PHONY: ansible-run
ansible-run: base-ssh-add docker-build-ansible ansible-run-localhost
ansible-run: ssh-add ansible-run-localhost
# target ansible-run-%: Call ansible-playbook ANSIBLE_PLAYBOOK
# target ansible-run-%: Fire docker-build-ansible, Call ansible-playbook ANSIBLE_PLAYBOOK
.PHONY: ansible-run-%
ansible-run-%:
ansible-run-%: $(if $(DOCKER_RUN),docker-build-ansible)
$(call ansible-playbook,$(if $(ANSIBLE_TAGS),--tags $(ANSIBLE_TAGS)) $(if $(ANSIBLE_EXTRA_VARS),--extra-vars '$(patsubst target=localhost,target=$*,$(ANSIBLE_EXTRA_VARS))') $(if $(findstring true,$(DRYRUN)),--check) $(if $(ANSIBLE_INVENTORY),--inventory $(ANSIBLE_INVENTORY)) $(ANSIBLE_PLAYBOOK))

30
ansible/def.ansible.mk
View File

@ -18,36 +18,24 @@ ANSIBLE_PLAYBOOK ?= ansible/playbook.yml
ANSIBLE_SSH_PRIVATE_KEYS ?= $(SSH_PRIVATE_KEYS)
ANSIBLE_SERVER_NAME ?= $(SERVER_NAME)
ANSIBLE_USERNAME ?= root
ANSIBLE_VERBOSE ?= -v
ANSIBLE_VERBOSE ?= $(if $(DEBUG),-vvvv,$(if $(VERBOSE),-v))
CMDS += ansible ansible-playbook
DOCKER_RUN_OPTIONS += --add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST)
ENV_VARS += ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_PLAYBOOK ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_USERNAME ANSIBLE_VERBOSE
ifeq ($(DEBUG), true)
ANSIBLE_VERBOSE := -vvvv
endif
ifeq ($(DOCKER), true)
define ansible
$(call run,$(DOCKER_SSH_AUTH) -v ~/.aws:/home/$(USER)/.aws --add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST) $(DOCKER_REPOSITORY)/ansible:$(DOCKER_IMAGE_TAG) $(ANSIBLE_ARGS) -i $(ANSIBLE_INVENTORY)/.host.docker.internal $(ANSIBLE_VERBOSE) $(1))
endef
define ansible-playbook
$(call run,$(DOCKER_SSH_AUTH) -v ~/.aws:/home/$(USER)/.aws --add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST) --entrypoint=ansible-playbook $(DOCKER_REPOSITORY)/ansible:$(DOCKER_IMAGE_TAG) $(ANSIBLE_ARGS) -i $(ANSIBLE_INVENTORY)/.host.docker.internal $(ANSIBLE_VERBOSE) $(1))
endef
define ansible-pull
# TODO : run ansible in docker and target localhost outside docker
IFS=$$'\n'; $(ECHO) env $(foreach var,$(ENV_VARS),$(if $($(var)),$(var)='$($(var))')) $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A)' .env.dist - 2>/dev/null) $$(cat $(ENV_FILE) 2>/dev/null |awk -F "=" '$$1 ~! /^\(#|$$\)/') ansible-pull $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(1)
endef
else
# function ansible: Call run ansible ANSIBLE_ARGS with arg 1
define ansible
$(call run,ansible $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(1))
$(call INFO,ansible,$(1))
$(RUN) $(call run,ansible $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(if $(DOCKER_RUN),-i $(ANSIBLE_INVENTORY)/.host.docker.internal) $(1),$(DOCKER_REPOSITORY)/)
endef
# function ansible-playbook: Call run ansible-playbook ANSIBLE_ARGS with arg 1
define ansible-playbook
$(call run,ansible-playbook $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(1))
$(call INFO,ansible-playbook,$(1))
$(RUN) $(call run,ansible$(if $(DOCKER_RUN),,-playbook) $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(if $(DOCKER_RUN),-i $(ANSIBLE_INVENTORY)/.host.docker.internal) $(1),--entrypoint=ansible-playbook $(DOCKER_REPOSITORY)/)
endef
# function ansible-pull: Call run ansible-pull ANSIBLE_ARGS with arg 1
## TODO: run ansible in docker and target localhost outside docker when DOCKER=true
define ansible-pull
$(call run,ansible-pull $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(1))
$(call INFO,ansible-pull,$(1))
$(RUN) $(call env-run,ansible-pull $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(1))
endef
endif

2
ansible/roles/aws-cli/.gitrepo
View File

@ -4,7 +4,7 @@
; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
;
[subrepo]
remote = ssh://git@github.com/1001Pharmacies/ansible-aws-cli
remote = ssh://git@github.com/aynicos/ansible-aws-cli
branch = master
commit = f10e38af3a9b36648576f9850e0d09fcc7a057df
parent = 9ee8bfab9d2f5e5591c2e8a3d6f3a03b56b36196

2
ansible/roles/disks/.gitrepo
View File

@ -4,7 +4,7 @@
; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
;
[subrepo]
remote = ssh://git@github.com/1001Pharmacies/ansible-disks
remote = ssh://git@github.com/aynicos/ansible-disks
branch = master
commit = c0ac6978d715b461fbf20aca719cd5196bc60645
parent = d01cccd9bab3a63d60ba251e3719767635ccd5d2

2
ansible/roles/docker/.gitrepo
View File

@ -4,7 +4,7 @@
; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
;
[subrepo]
remote = ssh://git@github.com/1001Pharmacies/ansible-docker
remote = ssh://git@github.com/aynicos/ansible-docker
branch = master
commit = 6217a899084cba00447195d1873b211462b60d52
parent = 4745dad8cb8a826ee3ac47accda79f96957b5e13

2
ansible/roles/hosts/.gitrepo
View File

@ -4,7 +4,7 @@
; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
;
[subrepo]
remote = ssh://git@github.com/1001Pharmacies/ansible-hosts
remote = ssh://git@github.com/aynicos/ansible-hosts
branch = master
commit = a495a6dbfae1f3c32f8e968c1ff2b3596ab42f27
parent = 85a259e1f4db43a63c58b4c8fe39b5d5e3b54053

10
ansible/roles/hosts/files/etc/profile.d/rc.sh
View File

@ -1,9 +1,13 @@
# shellcheck shell=sh
# test current shell flags
## rc.sh calls user defined functions
# author: Yann "aya" Autissier
# license: MIT
# updated: 2021/03/04
case $- in
# if we are in an interactive shell
*i*)
# load user stuff from files ~/.rc.d/*
# load user stuff from ~/.rc.d/* files
for file in "${HOME}"/.rc.d/*; do
# read files only
if [ -f "${file}" ]; then
@ -19,7 +23,7 @@ case $- in
command -v "${func_name}" >/dev/null 2>&1 && "${func_name}" "${func_args}"
fi
done
# load user stuff from env vars RC_*
# load user stuff from RC_* env vars
IFS="$(printf '%b_' '\n')"; IFS="${IFS%_}"; for line in $(printenv 2>/dev/null |awk '$0 ~ /^RC_[1-9A-Z_]*=/'); do
func_name=$(printf '%s\n' "${line%%=*}" |awk '{print tolower(substr($0,4))}')
eval func_args=\$"${line%%=*}"

385
ansible/roles/hosts/files/etc/profile.d/rc_functions.sh
View File

@ -1,218 +1,283 @@
# shellcheck shell=sh
## rc_function.sh defines customs shell functions
# author: Yann "aya" Autissier
# license: MIT
# updated: 2021/03/04
## force() runs a command sine die
force() {
if [ $# -gt 0 ]; then
while true; do
"$@"
sleep 1
done
fi
if [ $# -gt 0 ]; then
while true; do
"$@"
sleep 1
done
fi
}
## force8() runs a command sine die if not already running
force8() {
if [ $# -gt 0 ]; then
while true; do
# awk expression to match $@
[ "$(ps wwx -o args 2>/dev/null |awk -v field="${PS_X_FIELD:-1}" '
BEGIN {nargs=split("'"$*"'",args)}
# if match first field
$field == args[1] {
matched=1;
# match following fields
for (i=1;i<=NF-field;i++) {
if ($(i+field) == args[i+1]) {matched++}
}
# all fields matched
if (matched == nargs) {found++}
}
END {print found+0}'
)" = 0 ] && "$@"
sleep 1
done
fi
if [ $# -gt 0 ]; then
while true; do
# awk expression to match $@
[ "$(ps wwx -o args 2>/dev/null |awk -v field="${PS_X_FIELD:-1}" '
BEGIN { nargs=split("'"$*"'",args); }
# first field matched
$field == args[1] {
matched=1;
# match following fields
for (i=1;i<=NF-field;i++) {
if ($(i+field) == args[i+1]) { matched++; }
};
# all fields matched
if (matched == nargs) { found++; }
}
END { print found+0; }'
)" = 0 ] && "$@"
sleep 1
done
fi
}
## load_average() prints the current load average
load_average() {
awk '{printf "%.1f\n" $1}' /proc/loadavg 2>/dev/null \
|| uptime 2>/dev/null |awk '{printf "%.1f\n", $(NF-2)}'
}
awk '{printf "%.1f\n" $1}' /proc/loadavg 2>/dev/null\
|| uptime 2>/dev/null |awk '{printf "%.1f\n", $(NF-2)}'
}
## process_count() prints number of "processes"/"running processes"/"D-state"
process_count() {
ps ax -o stat 2>/dev/null |awk '
$1 ~ /R/ {process_running++};
$1 ~ /D/ {process_dstate++};
END {
print NR-1"/"process_running+0"/"process_dstate+0;
}'
ps ax -o stat 2>/dev/null |awk '
$1 ~ /R/ {process_running++};
$1 ~ /D/ {process_dstate++};
END { print NR-1"/"process_running+0"/"process_dstate+0; }'
}
## prompt_set() exports custom PROMPT_COMMAND
prompt_set() {
case "${TERM}" in
screen*)
ESCAPE_CODE_DCS="\033k"
ESCAPE_CODE_ST="\033\\"
;;
linux*|xterm*|rxvt*)
ESCAPE_CODE_DCS="\033]0;"
ESCAPE_CODE_ST="\007"
;;
*)
;;
esac
# in a screen
if [ -n "${STY}" ]; then
export PROMPT_COMMAND='printf "${ESCAPE_CODE_DCS:-\033]0;}%s${ESCAPE_CODE_ST:-\007}" "${PWD##*/}"'
else
export PROMPT_COMMAND='printf "${ESCAPE_CODE_DCS:-\033]0;}%s@%s:%s${ESCAPE_CODE_ST:-\007}" "${USER}" "${HOSTNAME%%.*}" "${PWD##*/}"'
fi
unset ESCAPE_CODE_DCS ESCAPE_CODE_ST
case "${TERM}" in
screen*)
ESCAPE_CODE_DCS="\033k"
ESCAPE_CODE_ST="\033\\"
;;
linux*|xterm*|rxvt*)
ESCAPE_CODE_DCS="\033]0;"
ESCAPE_CODE_ST="\007"
;;
*)
;;
esac
# in a screen
if [ -n "${STY}" ]; then
export PROMPT_COMMAND='printf\
"${ESCAPE_CODE_DCS:-\033]0;}%s${ESCAPE_CODE_ST:-\007}"\
"${PWD##*/}"'
else
export PROMPT_COMMAND='printf\
"${ESCAPE_CODE_DCS:-\033]0;}%s@%s:%s${ESCAPE_CODE_ST:-\007}"\
"${USER}"\
"${HOSTNAME%%.*}"\
"${PWD##*/}"'
fi
unset ESCAPE_CODE_DCS ESCAPE_CODE_ST
}
## ps1_set() exports custom PS1
ps1_set() {
case "$0" in
*sh)
COLOR_DGRAY="\[\033[1;30m\]"
COLOR_RED="\[\033[01;31m\]"
COLOR_GREEN="\[\033[01;32m\]"
COLOR_BROWN="\[\033[0;33m\]"
COLOR_YELLOW="\[\033[01;33m\]"
COLOR_BLUE="\[\033[01;34m\]"
COLOR_CYAN="\[\033[0;36m\]"
COLOR_GRAY="\[\033[0;37m\]"
COLOR_NC="\[\033[0m\]"
;;
case "$0" in
*sh)
COLOR_DGRAY="\[\033[1;30m\]"
COLOR_RED="\[\033[01;31m\]"
COLOR_GREEN="\[\033[01;32m\]"
COLOR_BROWN="\[\033[0;33m\]"
COLOR_YELLOW="\[\033[01;33m\]"
COLOR_BLUE="\[\033[01;34m\]"
COLOR_CYAN="\[\033[0;36m\]"
COLOR_GRAY="\[\033[0;37m\]"
COLOR_RESET="\[\033[0m\]"
;;
*)
;;
esac
PS1_STATUS="\$?"
PS1_COUNT="${COLOR_DGRAY}[\`
case \"$PS1_STATUS\" in
0)
printf \"${COLOR_BLUE}${PS1_STATUS}\";;
1)
printf \"${COLOR_YELLOW}${PS1_STATUS}\";;
*)
;;
printf \"${COLOR_RED}${PS1_STATUS}\";;
esac
PS1_COUNT="${COLOR_DGRAY}[${COLOR_BLUE}\$(process_count 2>/dev/null)${COLOR_DGRAY}|${COLOR_BLUE}\$(user_count 2>/dev/null)${COLOR_DGRAY}|${COLOR_BLUE}\$(load_average 2>/dev/null)${COLOR_DGRAY}]${COLOR_NC}"
PS1_END="${COLOR_DGRAY}\$(if [ \"\$(id -u)\" = 0 ]; then printf \"#\"; else printf \"\$\"; fi)${COLOR_NC}"
if type __git_ps1 >/dev/null 2>&1; then
PS1_GIT="\$(__git_ps1 2>/dev/null \" (%s)\")"
type process_count >/dev/null 2>&1 && printf\
\"${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(process_count 2>/dev/null)\"
type user_count >/dev/null 2>&1 && printf\
\"${PS1_COUNT}${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(user_count 2>/dev/null)\"
type load_average >/dev/null 2>&1 && printf\
\"${PS1_COUNT}${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(load_average 2>/dev/null)\"
\`${COLOR_DGRAY}]${COLOR_RESET}"
PS1_END="${COLOR_DGRAY}\$(
if [ \"\$(id -u)\" = 0 ]; then
printf \"#\";
else
PS1_GIT="\$(BRANCH=\$(git rev-parse --abbrev-ref HEAD 2>/dev/null); [ -n \"\${BRANCH}\" ] && printf \" (\${BRANCH})\")"
printf \"\$\";
fi
PS1_GIT="${COLOR_CYAN}${PS1_GIT}${COLOR_NC}"
PS1_HOSTNAME_COLOR="\`case \"\${ENV}\" in [Pp][Rr][0Oo][Dd]*) printf \"${COLOR_RED}\";; *) if [ -n \"\${ENV}\" ]; then printf \"${COLOR_YELLOW}\"; else printf \"${COLOR_GREEN}\"; fi;; esac\`"
PS1_HOSTNAME="${PS1_HOSTNAME_COLOR}\$(hostname |sed 's/\..*//')${COLOR_NC}"
PS1_USER_COLOR="\$(if [ \"\$(id -u)\" = 0 ]; then printf \"${COLOR_RED}\"; else printf \"${COLOR_BROWN}\"; fi)"
PS1_USER="${PS1_USER_COLOR}\$(id -nu)${COLOR_NC}"
PS1_WORKDIR="${COLOR_GRAY}\$(pwd |sed 's|^'\${HOME}'\(/.*\)*$|~\1|')${COLOR_NC}"
export PS1="${PS1_COUNT}${PS1_USER}${COLOR_DGRAY}@${PS1_HOSTNAME}${COLOR_DGRAY}:${PS1_WORKDIR}${PS1_GIT}${PS1_END} "
unset PS1_COUNT PS1_END PS1_GIT PS1_HOSTNAME PS1_HOSTNAME_COLOR PS1_USER PS1_USER_COLOR PS1_WORKDIR
)${COLOR_RESET}"
PS1_GIT="\$(
if type __git_ps1 >/dev/null 2>&1; then
printf \"\$(__git_ps1 2>/dev/null \" (%s)\")\"
else
printf \"\$(BRANCH=\$(git rev-parse --abbrev-ref HEAD 2>/dev/null);\
[ -n \"\${BRANCH}\" ] && printf \" (\${BRANCH})\")\"
fi
)"
PS1_GIT="${COLOR_CYAN}${PS1_GIT}${COLOR_RESET}"
PS1_HOSTNAME_COLOR="\`case \"\${ENV}\" in
[Pp][Rr][0Oo][Dd]*)
printf \"${COLOR_RED}\";;
*)
if [ -n \"\${ENV}\" ]; then
printf \"${COLOR_YELLOW}\";
else
printf \"${COLOR_GREEN}\";
fi;;
esac\`"
PS1_HOSTNAME="${PS1_HOSTNAME_COLOR}\$(hostname |sed 's/\..*//')${COLOR_RESET}"
PS1_USER_COLOR="\$(
if [ \"\$(id -u)\" = 0 ]; then
printf \"${COLOR_RED}\";
else
printf \"${COLOR_BROWN}\";
fi
)"
PS1_USER="${PS1_USER_COLOR}\$(id -nu):\$(id -u)${COLOR_RESET}"
PS1_WORKDIR="${COLOR_GRAY}\$(
pwd |sed 's|^'\${HOME}'\(/.*\)*$|~\1|'
)${COLOR_RESET}"
PS1="${PS1_COUNT}${PS1_USER}${COLOR_DGRAY}@${PS1_HOSTNAME}"
PS1="${PS1}${COLOR_DGRAY}:${PS1_WORKDIR}${PS1_GIT}${PS1_END} "
export 'PS1'
unset PS1_COUNT PS1_END PS1_GIT PS1_HOSTNAME PS1_HOSTNAME_COLOR\
PS1_USER PS1_USER_COLOR PS1_STATUS PS1_WORKDIR
}
## screen_attach() attaches existing screen session or creates a new one
screen_attach() {
command -v screen >/dev/null 2>&1 || return
SCREEN_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${STY}" ]; then
# attach screen in tmux window 0 only ;)
[ -n "${TMUX}" ] && [ "$(tmux list-window 2>/dev/null |awk '$NF == "(active)" {print $1}' |sed 's/:$//')" != "0" ] && return
printf 'Attaching screen.' && sleep 1 && printf '.' && sleep 1 && printf '.' && sleep 1
exec screen -xRR -S "${SCREEN_SESSION}"
fi
unset SCREEN_SESSION
command -v screen >/dev/null 2>&1 || return
SCREEN_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${STY}" ]; then
# attach screen in tmux window 0 only ;)
[ -n "${TMUX}" ] \
&& [ "$(tmux list-window 2>/dev/null |awk '$NF == "(active)" {print $1}'\
|sed 's/:$//')" != "0" ] \
&& return
printf 'Attaching screen.' && sleep 1\
&& printf '.' && sleep 1\
&& printf '.' && sleep 1
exec screen -xRR -S "${SCREEN_SESSION}"
fi
unset SCREEN_SESSION
}
## screen_detach() detaches current screen session
screen_detach() {
screen -d
screen -d
}
## ssh_add() loads all private keys in ~/.ssh/ to ssh agent
ssh_add() {
command -v ssh-agent >/dev/null 2>&1 && command -v ssh-add >/dev/null 2>&1 || return
SSH_AGENT_DIR="/tmp/ssh-$(id -u)"
SSH_AGENT_SOCK="${SSH_AGENT_DIR}/agent@$(hostname |sed 's/\..*//')"
# launch a new agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
[ ! -d "${SSH_AGENT_DIR}" ] && mkdir -p "${SSH_AGENT_DIR}" 2>/dev/null && chmod 0700 "${SSH_AGENT_DIR}"
# search for an already running agent
if ps wwx -o args |awk '$1 ~ "ssh-agent$" && $3 == "'"${SSH_AGENT_SOCK}"'"' |wc -l |grep -q 0; then
rm -f "${SSH_AGENT_SOCK}"
ssh-agent -a "${SSH_AGENT_SOCK}" >/dev/null 2>&1
fi
command -v ssh-agent >/dev/null 2>&1 && command -v ssh-add >/dev/null 2>&1 || return
SSH_AGENT_DIR="/tmp/ssh-$(id -u)"
SSH_AGENT_SOCK="${SSH_AGENT_DIR}/agent@$(hostname |sed 's/\..*//')"
# launch a new agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
[ ! -d "${SSH_AGENT_DIR}" ] \
&& mkdir -p "${SSH_AGENT_DIR}" 2>/dev/null\
&& chmod 0700 "${SSH_AGENT_DIR}"
# search for an already running agent
if ps wwx -o args |awk '$1 ~ "ssh-agent$" && $3 == "'"${SSH_AGENT_SOCK}"'"' |wc -l |grep -q 0; then
rm -f "${SSH_AGENT_SOCK}"
ssh-agent -a "${SSH_AGENT_SOCK}" >/dev/null 2>&1
fi
# attach to agent
export SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-${SSH_AGENT_SOCK}}"
# list private keys to add
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_ADD_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# add private key to agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null || ssh-add "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_AGENT_DIR SSH_AGENT_SOCK SSH_PRIVATE_KEYS
fi
# attach to agent
export SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-${SSH_AGENT_SOCK}}"
# list private keys to add
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_ADD_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# add private key to agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null || ssh-add "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_AGENT_DIR SSH_AGENT_SOCK SSH_PRIVATE_KEYS
}
## ssh_del() removes all private keys in ~/.ssh/ from ssh agent
ssh_del() {
command -v ssh-add >/dev/null 2>&1 || return
# attach to agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
return
command -v ssh-add >/dev/null 2>&1 || return
# attach to agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
return
fi
# list private keys to del
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_DEL_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
# list private keys to del
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_DEL_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# remove private key from agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null && ssh-add -d "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_PRIVATE_KEYS
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# remove private key from agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null && ssh-add -d "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_PRIVATE_KEYS
}
## tmux_attach() attaches existing tmux session or creates a new one
tmux_attach() {
command -v tmux >/dev/null 2>&1 || return
TMUX_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${TMUX}" ]; then
printf 'Attaching tmux.' && sleep 1 && printf '.' && sleep 1 && printf '.' && sleep 1
exec tmux -L"${TMUX_SESSION}" new-session -A -s"${TMUX_SESSION}"
fi
unset TMUX_SESSION
command -v tmux >/dev/null 2>&1 || return
TMUX_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${TMUX}" ]; then
printf 'Attaching tmux.' && sleep 1\
&& printf '.' && sleep 1\
&& printf '.' && sleep 1
exec tmux -L"${TMUX_SESSION}" new-session -A -s"${TMUX_SESSION}"
fi
unset TMUX_SESSION
}
## tmux_detach() detaches current tmux session
tmux_detach() {
tmux detach
tmux detach
}
## user_count() prints number of "users sessions"/"users"/"logged users"
user_count() {
ps ax -o user,tty 2>/dev/null |awk '
$2 ~ /^(pts|tty)/ {users_session++; logged[$1]++;};
{count[$1]++;}
END {
for (uc in count) {c = c" "uc;}; users_count=split(c,v," ")-1;
for (ul in logged) {l = l" "ul;}; users_logged=split(l,v," ")-1;
print users_session+0"/"users_count"/"users_logged;
}'
ps ax -o user,tty 2>/dev/null |awk '
$2 ~ /^(pts|tty)/ { users_session++; logged[$1]++; };
{ count[$1]++; }
END {
for (uc in count) { c = c" "uc; }; users_count=split(c,v," ")-1;
for (ul in logged) { l = l" "ul; }; users_logged=split(l,v," ")-1;
print users_session+0"/"users_count"/"users_logged;
}'
}
# vim:ts=2:sw=2:sts=2:et

12
ansible/roles/hosts/templates/Makefile.j2
View File

@ -1,7 +1,5 @@
USER := 1001pharmacies
APP ?= $(shell hostname -s)
CMDS := exec
SERVICE ?= php
SERVICE ?= cli
-include .env
ansible:
@ -14,16 +12,16 @@ ansible-pull:
@$(foreach var,$(ENV_USER_VARS),$(if $($(var)),$(var)='$($(var))')) $(if $(ANSIBLE_CONFIG),ANSIBLE_CONFIG=$(ANSIBLE_GIT_DIRECTORY)/$(ANSIBLE_CONFIG)) ansible-pull --url $(ANSIBLE_GIT_REPOSITORY) $(if $(ANSIBLE_GIT_KEY_FILE),--key-file $(ANSIBLE_GIT_KEY_FILE)) $(if $(ANSIBLE_GIT_VERSION),--checkout $(ANSIBLE_GIT_VERSION)) $(if $(ANSIBLE_GIT_DIRECTORY),--directory $(ANSIBLE_GIT_DIRECTORY)) $(if $(ANSIBLE_TAGS),--tags $(ANSIBLE_TAGS)) $(if $(ANSIBLE_EXTRA_VARS),--extra-vars '$(ANSIBLE_EXTRA_VARS)') $(if $(findstring true,$(FORCE)),--force) $(if $(findstring true,$(DRYRUN)),--check) --full $(if $(ANSIBLE_INVENTORY),--inventory $(ANSIBLE_INVENTORY)) $(ANSIBLE_VERBOSE) $(ANSIBLE_PLAYBOOK)
exec:
@make -C $(ANSIBLE_GIT_DIRECTORY) exec ARGS='$(ARGS)' DOCKER_NAME=$(USER)_$(ENV)_$(APP)_$(SERVICE) ENV=$(ENV) DOCKER_RUN_WORKDIR=
@make -C $(ANSIBLE_GIT_DIRECTORY) exec ARGS='$(ARGS)' DOCKER_NAME=$(COMPOSE_PROJECT_NAME)_$(SERVICE) ENV=$(ENV) DOCKER_RUN_WORKDIR=
connect:
@docker exec -it $(USER)_$(ENV)_$(APP)_$(SERVICE) /bin/bash || true
@docker exec -it $(COMPOSE_PROJECT_NAME)_$(SERVICE) /bin/bash || true
logs:
@docker logs --follow --tail 100 $(USER)_$(ENV)_$(APP)_$(SERVICE) || true
@docker logs --follow --tail 100 $(COMPOSE_PROJECT_NAME)_$(SERVICE) || true
logs-nofollow:
@docker logs --tail 100 $(USER)_$(ENV)_$(APP)_$(SERVICE) || true
@docker logs --tail 100 $(COMPOSE_PROJECT_NAME)_$(SERVICE) || true
run:
@$(ARGS)

72
aws/aws.mk
View File

@ -1,6 +1,6 @@
# target aws: Fire docker-build-aws, Call aws ARGS
.PHONY: aws
aws: docker-build-aws
aws: $(if $(DOCKER_RUN),docker-build-aws)
$(call aws,$(ARGS))
# target aws-deploy: Call aws deploy create-deployment with application-name CODEDEPLOY_APP_NAME
@ -20,25 +20,25 @@ aws-docker-login: aws-ecr-get-login
# target aws-ecr-get-login: Exec 'Call aws ecr get-login'
.PHONY: aws-ecr-get-login
aws-ecr-get-login:
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval docker_login := $(shell $(call aws,ecr get-login --no-include-email --region $(AWS_DEFAULT_REGION))))
$(eval DRYRUN_IGNORE := FALSE)
$(ECHO) $(docker_login)
$(eval IGNORE_DRYRUN := FALSE)
$(RUN) $(docker_login)
# target aws-iam-create-role-%: Call aws iam create-role with role-name % and role-policy file aws/policies/%-trust.json
.PHONY: aws-iam-create-role-%
aws-iam-create-role-%: base docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval json := $(shell $(call exec,envsubst < aws/policies/$*-trust.json)))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/policies/$*-trust.json')))
$(eval IGNORE_DRYRUN := false)
$(call aws,iam create-role --role-name $* --assume-role-policy-document '$(json)')
# target aws-iam-put-role-policy-%: Call aws iam put-role-policy with policy-name % and policy-document file aws/policies/%.json
.PHONY: aws-iam-put-role-policy-%
aws-iam-put-role-policy-%: base docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval json := $(shell $(call exec,envsubst < aws/policies/$*.json)))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/policies/$*.json')))
$(eval IGNORE_DRYRUN := false)
$(call aws,iam put-role-policy --role-name $* --policy-name $* --policy-document '$(json)')
# target aws-role-create-import-image: Fire aws-iam-create-role-% aws-iam-put-role-policy-% for AWS_VM_IMPORT_ROLE_NAME
@ -49,9 +49,9 @@ aws-role-create-import-image: aws-iam-create-role-$(AWS_VM_IMPORT_ROLE_NAME) aw
.PHONY: aws-s3-check-upload
aws-s3-check-upload: docker-build-aws aws-s3api-get-head-object-etag
$(eval upload := true)
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(if $(AWS_S3_KEY_ETAG),$(if $(filter $(AWS_S3_KEY_ETAG),"$(shell cat $(PACKER_ISO_INFO) |awk '$$1 == "etag:" {print $$2}' 2>/dev/null)"),$(eval upload := false)))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
# target aws-s3-cp: Fire aws-s3-check-upload, Call aws s3 cp PACKER_ISO_FILE s3://AWS_S3_BUCKET/AWS_S3_KEY, Call aws-s3-etag-save target
.PHONY: aws-s3-cp
@ -66,25 +66,25 @@ aws-s3-etag-save: docker-build-aws aws-s3api-get-head-object-etag
# target aws-s3api-get-head-object-etag: Eval AWS_S3_KEY_ETAG, Echo 'ETag: AWS_S3_KEY_ETAG'
.PHONY: aws-s3api-get-head-object-etag
aws-s3api-get-head-object-etag: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_S3_KEY_ETAG := $(shell $(call aws,s3api head-object --bucket $(AWS_S3_BUCKET) --key $(AWS_S3_KEY) --output text --query ETag) |grep -v 'operation: Not Found' 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo ETag: $(AWS_S3_KEY_ETAG)
# target aws-s3api-get-head-object-lastmodified: Eval AWS_S3_KEY_DATE, Echo 'LastModified: AWS_S3_KEY_DATE'
.PHONY: aws-s3api-get-head-object-lastmodified
aws-s3api-get-head-object-lastmodified: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_S3_KEY_DATE := $(shell $(call aws,s3api head-object --bucket $(AWS_S3_BUCKET) --key $(AWS_S3_KEY) --output text --query LastModified) |grep -v 'operation: Not Found' 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo LastModified: $(AWS_S3_KEY_DATE)
# target aws-ec2-import-snapshot: Call aws ec2 import-snapshot with S3Bucket AWS_S3_BUCKET and S3Key AWS_S3_KEY
.PHONY: aws-ec2-import-snapshot
aws-ec2-import-snapshot: base docker-build-aws aws-s3api-get-head-object-etag aws-s3api-get-head-object-lastmodified
$(eval DRYRUN_IGNORE := true)
$(eval json := $(shell $(call exec,envsubst < aws/import-snapshot.json)))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/import-snapshot.json')))
$(eval IGNORE_DRYRUN := false)
$(eval AWS_TASK_ID := $(shell $(call aws,ec2 import-snapshot --description '$(AWS_SNAP_DESCRIPTION)' --output text --query ImportTaskId --disk-container '$(json)')))
echo ImportTaskId: $(AWS_TASK_ID)
@ -111,17 +111,17 @@ aws-ec2-describe-instances-PrivateIpAddress-%: docker-build-aws
# target aws-ec2-get-instances-PrivateIpAddress: Eval AWS_INSTANCE_IP, Echo 'PrivateIpAddress: AWS_INSTANCE_IP'
.PHONY: aws-ec2-get-instances-PrivateIpAddress
aws-ec2-get-instances-PrivateIpAddress: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_INSTANCE_IP := $(shell $(call aws,ec2 describe-instances --no-paginate --query 'Reservations[*].Instances[*].PrivateIpAddress' --output text) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo PrivateIpAddress: $(AWS_INSTANCE_IP)
# target aws-ec2-get-instances-PrivateIpAddress-%: Eval AWS_INSTANCE_IP with Name matching %, Echo 'PrivateIpAddress: AWS_INSTANCE_IP'
.PHONY: aws-ec2-get-instances-PrivateIpAddress-%
aws-ec2-get-instances-PrivateIpAddress-%:
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_INSTANCE_IP := $(shell $(call aws,ec2 describe-instances --no-paginate --filter 'Name=tag:Name$(comma)Values=$**' --query 'Reservations[*].Instances[*].PrivateIpAddress' --output text) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo PrivateIpAddress: $(AWS_INSTANCE_IP)
# target aws-ec2-get-import-snapshot-tasks-id: Fire aws-ec2-get-import-snapshot-tasks-id-% for AWS_TASK_ID
@ -131,41 +131,41 @@ aws-ec2-get-import-snapshot-tasks-id: aws-ec2-get-import-snapshot-tasks-id-$(AWS
# target aws-ec2-get-import-snapshot-tasks-id-%: Eval AWS_SNAP_IP with import-task-ids %, Echo 'SnapshotId: AWS_SNAP_IP'
.PHONY: aws-ec2-get-import-snapshot-tasks-id-%
aws-ec2-get-import-snapshot-tasks-id-%: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_SNAP_ID := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.SnapshotId) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo SnapshotId: $(AWS_SNAP_ID)
# target aws-ec2-get-import-snapshot-tasks-message-%: Eval AWS_SNAP_MESSAGE with import-task-ids %, Echo 'StatusMessage: AWS_SNAP_MESSAGE'
.PHONY: aws-ec2-get-import-snapshot-tasks-message-%
aws-ec2-get-import-snapshot-tasks-message-%: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_SNAP_MESSAGE := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.StatusMessage) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo StatusMessage: $(AWS_SNAP_MESSAGE)
# target aws-ec2-get-import-snapshot-tasks-progress-%: Eval AWS_SNAP_PROGRESS with import-task-ids %, Echo 'Progress: AWS_SNAP_PROGRESS'
.PHONY: aws-ec2-get-import-snapshot-tasks-progress-%
aws-ec2-get-import-snapshot-tasks-progress-%: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_SNAP_PROGRESS := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.Progress) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo Progress: $(AWS_SNAP_PROGRESS)
# target aws-ec2-get-import-snapshot-tasks-size-%: Eval AWS_SNAP_SIZE with import-task-ids %, Echo 'DiskImageSize: AWS_SNAP_SIZE'
.PHONY: aws-ec2-get-import-snapshot-tasks-size-%
aws-ec2-get-import-snapshot-tasks-size-%: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_SNAP_SIZE := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.DiskImageSize) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo DiskImageSize: $(AWS_SNAP_SIZE)
# target aws-ec2-get-import-snapshot-tasks-status-%: Eval AWS_SNAP_STATUS with import-task-ids %, Echo 'Status: AWS_SNAP_STATUS'
.PHONY: aws-ec2-get-import-snapshot-tasks-status-%
aws-ec2-get-import-snapshot-tasks-status-%: docker-build-aws
$(eval DRYRUN_IGNORE := true)
$(eval IGNORE_DRYRUN := true)
$(eval AWS_SNAP_STATUS := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.Status) 2>/dev/null))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := false)
echo Status: $(AWS_SNAP_STATUS)
# target aws-ec2-wait-import-snapshot-tasks-status-completed: Fire aws-ec2-wait-import-snapshot-tasks-status-completed-% for AWS_TASK_ID
@ -190,9 +190,9 @@ aws-ec2-wait-snapshot-completed-%: docker-build-aws
# target aws-ec2-register-image: Fire aws-ec2-get-import-snapshot-tasks-id, Eval AWS_AMI_ID with Name AWS_AMI_NAME, Echo 'ImageId: AWS_AMI_ID'
.PHONY: aws-ec2-register-image
aws-ec2-register-image: base docker-build-aws aws-ec2-get-import-snapshot-tasks-id
$(eval DRYRUN_IGNORE := true)
$(eval json := $(shell $(call exec,envsubst < aws/register-image-device-mappings.json)))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := true)
$(eval json := $(shell $(call exec,sh -c 'envsubst < aws/register-image-device-mappings.json')))
$(eval IGNORE_DRYRUN := false)
$(eval AWS_AMI_ID := $(shell $(call aws,ec2 register-image --name '$(AWS_AMI_NAME)' --description '$(AWS_AMI_DESCRIPTION)' --architecture x86_64 --root-device-name /dev/sda1 --virtualization-type hvm --block-device-mappings '$(json)') 2>/dev/null))
echo ImageId: $(AWS_AMI_ID)

23
aws/def.aws.mk
View File

@ -1,24 +1,21 @@
AWS_ACCESS_KEY_ID ?= $(shell $(call conf,$(HOME)/.aws/credentials,$(or $(AWS_PROFILE),default),aws_access_key_id))
AWS_AMI_DESCRIPTION ?= app: $(APP) branch: $(BRANCH) env: $(ENV) iso: $(AWS_S3_KEY) user: $(USER) version: $(VERSION)
AWS_AMI_NAME ?= $(USER)/$(ENV)/$(APP)/ami/$(VERSION)/$(shell date +%Y%m%dT%H%M%S)
AWS_ACCESS_KEY_ID := $(if $(AWS_CREDENTIALS),$(shell $(call conf,$(AWS_CREDENTIALS),$(or $(AWS_PROFILE),default),aws_access_key_id)))
AWS_AMI_DESCRIPTION ?= $(SERVICE_VERSION)
AWS_AMI_NAME ?= $(SERVICE_NAME)-$(AWS_S3_FILENAME)
AWS_CREDENTIALS ?= $(wildcard $(HOME)/.aws/credentials)
AWS_DEFAULT_REGION ?= eu-west-1
AWS_DEFAULT_OUTPUT ?= text
AWS_INSTANCE_ID ?= $(shell timeout 0.1 curl -s http://169.254.169.254/latest/meta-data/instance-id 2>/dev/null)
AWS_VM_IMPORT_ROLE_NAME ?= vmimport
AWS_S3_BUCKET ?= $(USER)-$(ENV)-config
AWS_S3_BUCKET ?= $(SERVICE_NAME)
AWS_S3_FILENAME ?= $(PACKER_ISO_NAME)
AWS_S3_KEY ?= $(PACKER_ISO_FILE)
AWS_SECRET_ACCESS_KEY ?= $(shell $(call conf,$(HOME)/.aws/credentials,$(or $(AWS_PROFILE),default),aws_secret_access_key))
AWS_SNAP_DESCRIPTION ?= iso: $(AWS_S3_KEY) env: $(ENV) app: $(APP) branch: $(BRANCH) version: $(VERSION) user: $(USER) etag: $(AWS_S3_KEY_ETAG) date: $(AWS_S3_KEY_DATE)
AWS_SECRET_ACCESS_KEY := $(if $(AWS_CREDENTIALS),$(shell $(call conf,$(AWS_CREDENTIALS),$(or $(AWS_PROFILE),default),aws_secret_access_key)))
AWS_SNAP_DESCRIPTION ?= $(SERVICE_NAME)-$(SERVICE_VERSION)-$(AWS_S3_FILENAME)
CMDS += aws
DOCKER_RUN_VOLUME += -v $(HOME)/.aws:/home/$(USER)/.aws
ENV_VARS += AWS_ACCESS_KEY_ID AWS_AMI_DESCRIPTION AWS_AMI_NAME AWS_DEFAULT_OUTPUT AWS_DEFAULT_REGION AWS_INSTANCE_ID AWS_PROFILE AWS_S3_BUCKET AWS_S3_KEY AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SNAP_DESCRIPTION AWS_SNAP_ID
ifeq ($(DOCKER), true)
define aws
$(call run,$(DOCKER_SSH_AUTH) -v $$HOME/.aws:/root/.aws:ro anigeo/awscli:latest $(1))
endef
else
# function aws: Call run aws with arg 1
define aws
$(call run,aws $(1))
$(RUN) $(call run,aws $(1),$(DOCKER_REPOSITORY)/)
endef
endif

16
docker/alertmanager/Dockerfile
View File

@ -1,23 +1,9 @@
FROM quay.io/prometheus/alertmanager:latest as dist
LABEL maintainer "jc.iacono.gm@gmail.com"
ARG DOCKER_BUILD_DIR
ARG SLACK_WEBHOOK_ID
COPY ${DOCKER_BUILD_DIR}/config.tmpl /etc/alertmanager/config.tmpl
RUN sed 's@SLACK_WEBHOOK_ID@'"${SLACK_WEBHOOK_ID:-UNDEFINED}"'@g' /etc/alertmanager/config.tmpl > /etc/alertmanager/alertmanager.yml
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

41
docker/alertmanager/config.tmpl
View File

@ -5,14 +5,14 @@ global:
slack_api_url: SLACK_WEBHOOK_ID
# The smarthost and SMTP sender used for mail notifications.
# smtp_smarthost: 'localhost:25'
# smtp_from: 'alertmanager@1001pharmacies.com'
# smtp_from: 'alertmanager@domain.com'
# The root route on which each incoming alert enters.
route:
# The root route must not have any matchers as it is the entry point for
# all alerts. It needs to have a receiver configured so alerts that do not
# match any of the sub-routes are sent to someone.
receiver: '1001-slack-default'
receiver: 'slack-default'
# The labels by which incoming alerts are grouped together. For example,
# multiple alerts coming in for cluster=A and alertname=LatencyHigh would
@ -52,43 +52,43 @@ route:
severity: "low"
instance: "Hourly GMV"
type: "lower than static threshold"
receiver: 1001-slack-gmv-static-low
receiver: slack-gmv-static-low
- match:
severity: "high"
instance: "Hourly GMV"
type: "lower than static threshold"
receiver: 1001-slack-gmv-static-high
receiver: slack-gmv-static-high
- match:
severity: "low"
instance: "Hourly GMV"
receiver: 1001-slack-gmv-low
receiver: slack-gmv-low
- match:
severity: "high"
instance: "Hourly GMV"
receiver: 1001-slack-gmv-high
receiver: slack-gmv-high
- match:
instance: "Hourly GMV test"
receiver: 1001-slack-gmv-low
receiver: slack-gmv-low
- match:
severity: "low"
receiver: 1001-slack-generic-low
receiver: slack-generic-low
- match:
severity: "medium"
receiver: 1001-slack-generic-medium
receiver: slack-generic-medium
- match:
severity: "high"
receiver: 1001-slack-generic-high
receiver: slack-generic-high
- match:
severity: "critical"
receiver: 1001-slack-generic-critical
receiver: slack-generic-critical
# The service has a sub-route for critical alerts, any alerts
@ -140,7 +140,7 @@ inhibit_rules:
receivers:
- name: '1001-slack-gmv-static-low'
- name: 'slack-gmv-static-low'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -149,7 +149,7 @@ receivers:
title: ':mostly_sunny: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]'
text: "{{ .CommonAnnotations.description }}"
- name: '1001-slack-gmv-static-high'
- name: 'slack-gmv-static-high'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -158,7 +158,7 @@ receivers:
title: ':tornado: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]'
text: "{{ .CommonAnnotations.description }}"
- name: '1001-slack-gmv-low'
- name: 'slack-gmv-low'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -169,7 +169,7 @@ receivers:
\n
\n{{ .CommonAnnotations.query }}"
- name: '1001-slack-gmv-high'
- name: 'slack-gmv-high'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -180,7 +180,7 @@ receivers:
\n
\n{{ .CommonAnnotations.query }}"
- name: '1001-slack-generic-low'
- name: 'slack-generic-low'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -189,7 +189,7 @@ receivers:
title: ':mostly_sunny: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]'
text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for a few seconds."
- name: '1001-slack-generic-medium'
- name: 'slack-generic-medium'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -198,7 +198,7 @@ receivers:
title: ':sun_behind_rain_cloud: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]'
text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for more than 5 minutes."
- name: '1001-slack-generic-high'
- name: 'slack-generic-high'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -207,7 +207,7 @@ receivers:
title: ':tornado: {{ .Status|toUpper }} issue on {{ .CommonLabels.instance }}'
text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for an hour"
- name: '1001-slack-generic-critical'
- name: 'slack-generic-critical'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
@ -216,10 +216,9 @@ receivers:
title: ':boom: {{ .Status|toUpper }} issue on {{ .CommonLabels.instance }}'
text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for more than 12 hours"
- name: '1001-slack-default'
- name: 'slack-default'
slack_configs:
- api_url: SLACK_WEBHOOK_ID
send_resolved: true
username: 'Chouette Vigilante [default]'
icon_emoji: ':owl:'

18
docker/ansible/Dockerfile
View File

@ -1,6 +1,8 @@
FROM alpine:latest as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache add \
ansible \
py3-pip
@ -10,15 +12,13 @@ RUN pip3 install boto
ENTRYPOINT ["/usr/bin/ansible"]
CMD ["--help"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
@ -41,15 +41,3 @@ RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
|| true
USER $USER
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

4
docker/apm-server-oss/Dockerfile
View File

@ -1,10 +1,8 @@
FROM docker.elastic.co/apm/apm-server-oss:7.4.2 as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
# config
COPY ${DOCKER_BUILD_DIR}/apm-server.yml /usr/share/apm-server/
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR

18
docker/aws/Dockerfile
View File

@ -1,6 +1,8 @@
FROM alpine:latest as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache add \
groff \
less \
@ -12,15 +14,13 @@ RUN apk --no-cache upgrade
ENTRYPOINT ["/usr/bin/aws"]
CMD ["help"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
@ -43,15 +43,3 @@ RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
|| true
USER $USER
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

14
docker/blackbox/Dockerfile
View File

@ -3,17 +3,5 @@ ARG DOCKER_BUILD_DIR
COPY ${DOCKER_BUILD_DIR}/config.yml /etc/blackbox_exporter/config.yml
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

31
docker/cli/Dockerfile
View File

@ -1,15 +1,14 @@
FROM alpine:latest as dist
ARG DOCKER_BUILD_DIR
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
LABEL maintainer aynic.os <support+docker@asycn.io>
arg GIT_AUTHOR_NAME
arg GIT_AUTHOR_EMAIL
env GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME:-1001Pharmacies}
env GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL:-technique+docker@1001pharmacies.com}
env GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
env GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
RUN apk upgrade --no-cache \
&& apk add --no-cache \
@ -37,7 +36,7 @@ RUN git clone https://github.com/ingydotnet/git-subrepo \
CMD ["bash"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG DOCKER_GID
ARG SHELL=/bin/bash
@ -50,8 +49,6 @@ ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
@ -124,15 +121,3 @@ RUN mkdir -p ~/.ssh ~/.config/git \
*.swp\n\
Thumbs.db\n\
" > ~/.config/git/ignore
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

16
docker/consul/Dockerfile
View File

@ -1,7 +1,7 @@
FROM consul:1.6.1 as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
LABEL maintainer aynic.os <support+docker@asycn.io>
# install docker
RUN apk add --no-cache bash docker gawk sudo \
@ -17,17 +17,5 @@ RUN chmod +rx /usr/local/bin/container-check-status /usr/local/bin/container-lis
HEALTHCHECK CMD goss -g /tests/goss.yml validate --format tap
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

16
docker/elastic/apm-server-oss/Dockerfile
View File

@ -1,22 +1,8 @@
FROM docker.elastic.co/apm/apm-server-oss:7.4.2 as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
# config
COPY ${DOCKER_BUILD_DIR}/apm-server.yml /usr/share/apm-server/
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

16
docker/elastic/apm-server/Dockerfile
View File

@ -1,22 +1,8 @@
FROM docker.elastic.co/apm/apm-server-oss:7.4.2 as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
# config
# COPY ${DOCKER_BUILD_DIR}/apm-server.yml /usr/share/apm-server/
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

21
docker/elastic/curator/Dockerfile
View File

@ -1,9 +1,9 @@
FROM alpine:latest as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG CURATOR_VERSION=5.8.3
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache add \
bash \
py-pip \
@ -15,7 +15,7 @@ COPY ${DOCKER_BUILD_DIR}/action.yml /etc/curator/
ENTRYPOINT ["/docker-entrypoint.sh"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
# install cronlock
@ -25,18 +25,3 @@ RUN chmod +rx /usr/bin/cronlock
# install ssmtp
RUN apk --no-cache add ssmtp && \
echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
COPY build/curator/cronlock.conf /etc/cronlock.conf
COPY build/curator/ssmtp.conf /etc/ssmtp/ssmtp.conf
FROM preprod as prod
ARG DOCKER_BUILD_DIR

14
docker/es-exporter/Dockerfile
View File

@ -3,17 +3,5 @@ ARG DOCKER_BUILD_DIR
COPY ${DOCKER_BUILD_DIR}/exporter.cfg /usr/src/app
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

19
docker/goofys/Dockerfile
View File

@ -1,9 +1,9 @@
FROM golang:1.12-alpine AS builder
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG GOOFYS_VERSION=v0.20.0
LABEL maintainer aynic.os <support+docker@asycn.io>
WORKDIR /go/src/github.com/kahing/goofys/
RUN apk --no-cache upgrade \
@ -15,6 +15,7 @@ RUN apk --no-cache upgrade \
FROM alpine:latest as dist
ARG DOCKER_BUILD_DIR
RUN apk add --no-cache ca-certificates
COPY --from=builder /go/bin/goofys /bin/goofys
@ -22,17 +23,5 @@ ENTRYPOINT ["/bin/goofys"]
# goofys -f --region $REGION --stat-cache-ttl $STAT_CACHE_TTL --type-cache-ttl $TYPE_CACHE_TTL --dir-mode $DIR_MODE --file-mode $FILE_MODE -o nonempty $BUCKET $MOUNT_DIR
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

18
docker/grafana/Dockerfile
View File

@ -1,13 +1,13 @@
FROM grafana/grafana:latest as dist
LABEL maintainer "jc.iacono.gm@gmail.com"
ARG DOCKER_BUILD_DIR
ARG AWS_ACCESS_KEY
ARG AWS_SECRET_KEY
ARG MYSQL_GRAFANA_USER
ARG MYSQL_GRAFANA_PASSWORD
ARG MYSQL_GRAFANA_DB
LABEL maintainer aynic.os <support+docker@asycn.io>
COPY ${DOCKER_BUILD_DIR}/config.ini /etc/grafana/config.ini
COPY ${DOCKER_BUILD_DIR}/dashboards /etc/grafana/dashboards
COPY ${DOCKER_BUILD_DIR}/provisioning /etc/grafana/provisioning
@ -23,17 +23,5 @@ USER grafana
ENTRYPOINT ["/docker-entrypoint.sh"]
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

24
docker/http/alpine/Dockerfile
View File

@ -1,10 +1,10 @@
FROM httpd:alpine as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG HTTPD_LOAD_MODULE="env expires headers lbmethod_bybusyness lbmethod_byrequests proxy proxy_balancer proxy_fcgi proxy_http setenvif slotmem_shm reqtimeout rewrite"
ARG HTTPD_CONF_EXTRA="default info mpm vhosts"
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN sed -E -i \
-e 's!^#?\s*(LoadModule ('${HTTPD_LOAD_MODULE// /|}')_module modules/mod_('${HTTPD_LOAD_MODULE// /|}').so)\s*!\1!g' \
-e 's!^#?\s*(Include conf/extra/httpd-('${HTTPD_CONF_EXTRA// /|}').conf)\s*!\1!g' \
@ -21,23 +21,5 @@ CMD /usr/local/bin/consul-template -log-level info -consul-addr consul:8500 -tem
EXPOSE 80/tcp
FROM dist as local
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

2
docker/http/alpine/httpd-vhosts.ctmpl
View File

@ -1,7 +1,7 @@
{{ $serverName := printf "%s.%s.%s" (env "APP") (env "ENV") (env "USER") }}
{{ $serviceName := printf "%s-%s-%s-php-9000" (env "USER") (env "ENV") (env "APP") }}
<VirtualHost *:80>
ServerAdmin technique@1001pharmacies.com
ServerAdmin support+apache@asycn.io
DocumentRoot "/var/www/web"
ServerName {{ $serverName }}
ServerAlias *

18
docker/mysql/5.6/Dockerfile
View File

@ -1,7 +1,7 @@
FROM mysql:5.6.44 as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
LABEL maintainer aynic.os <support+docker@asycn.io>
# config
COPY ${DOCKER_BUILD_DIR}/conf.d/all.cnf /etc/mysql/conf.d/
@ -13,20 +13,8 @@ COPY ${DOCKER_BUILD_DIR}/goss.yml /tests/goss.yml
HEALTHCHECK CMD goss -g /tests/goss.yml validate --format tap
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
# config
COPY ${DOCKER_BUILD_DIR}/conf.d/local.cnf /etc/mysql/conf.d/
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR
COPY ${DOCKER_BUILD_DIR}/conf.d/master.cnf /etc/mysql/conf.d/

0
docker/mysql/5.6/conf.d/local.cnf → docker/mysql/5.6/conf.d/master.cnf
View File

18
docker/openstack/Dockerfile
View File

@ -1,6 +1,8 @@
FROM alpine:latest as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache add libffi openssl python3 py3-pip py3-netifaces
RUN apk --no-cache add --virtual .build-deps \
@ -17,15 +19,13 @@ RUN apk --no-cache upgrade
ENTRYPOINT ["/usr/bin/openstack"]
CMD ["help"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
@ -48,15 +48,3 @@ RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
|| true
USER $USER
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

19
docker/packer/Dockerfile
View File

@ -1,7 +1,8 @@
FROM alpine:latest as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
LABEL maintainer aynic.os <support+docker@asycn.io>
ENV PACKER_VERSION=1.6.6
RUN apk --no-cache add \
@ -25,15 +26,13 @@ RUN rm -f packer_${PACKER_VERSION}_linux_amd64.zip
ENTRYPOINT ["/bin/packer"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -56,15 +55,3 @@ RUN let $UID >/dev/null 2>&1 \
|| true
USER $USER
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

2
docker/pdns-server/.gitrepo
View File

@ -4,7 +4,7 @@
; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
;
[subrepo]
remote = ssh://git@github.com/1001Pharmacies/docker-pdns-server
remote = ssh://git@github.com/aynicos/docker-pdns-server
branch = master
commit = 6d3c4ce70cbb38d237be757206bfbf082ce2ba3e
parent = 9de6b77b0d944fe6efa7b020ba7c2dbbba5df4f8

17
docker/pdns-server/Dockerfile
View File

@ -1,10 +1,11 @@
FROM alpine:3.11 as dist
LABEL maintainer "yann.autissier@gmail.com"
ARG DOCKER_BUILD_DIR
ARG VERSION_PDNS_REC=4.2.1
ARG VERSION_PDNS_AUTH=4.2.1
ARG VERSION_PDNS_DNSDIST=1.4.0
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk upgrade --no-cache \
&& apk add --no-cache --virtual .build-deps \
autoconf \
@ -63,17 +64,5 @@ ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE 53/udp 53/tcp
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

15
docker/phabricator-daemon/Dockerfile
View File

@ -1,5 +1,4 @@
FROM phabricator/daemon:latest as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
RUN apt-get update \
@ -7,17 +6,5 @@ RUN apt-get update \
openssh-client \
&& rm -rf /var/lib/apt/lists/*
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

15
docker/phabricator/Dockerfile
View File

@ -1,22 +1,9 @@
FROM phabricator/phabricator:latest as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
RUN { \
echo 'mysqli.allow_local_infile = 0'; \
} > /usr/local/etc/php/conf.d/mysql.ini
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

24
docker/php/5.6-fpm-alpine/Dockerfile
View File

@ -1,7 +1,5 @@
FROM php:5.6-fpm-alpine as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG AMQP_VERSION=stable
ARG APCU_VERSION=4.0.11
ARG BLACKFIRE_VERSION=1.31.0
@ -20,6 +18,8 @@ ARG TWIG_VERSION=1.35.3
ARG XCACHE_VERSION=3.2.0
ARG XDEBUG_VERSION=2.5.5
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache upgrade \
&& apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
@ -203,14 +203,12 @@ WORKDIR /var/www
# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env
CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ]
FROM dist as local
FROM dist as master
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -236,17 +234,7 @@ RUN chown -R $USER /usr/local/etc/php/conf.d/
USER $USER
ARG SSH_REMOTE_HOSTS
RUN mkdir -p ~/.ssh \
&& ssh-keyscan -t rsa -H github.com >> ~/.ssh/known_hosts
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR
&& ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts

24
docker/php/7.0-fpm-alpine/Dockerfile
View File

@ -1,7 +1,5 @@
FROM php:7.0-fpm-alpine as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG AMQP_VERSION=stable
ARG AST_VERSION=stable
ARG APCU_VERSION=stable
@ -27,6 +25,8 @@ ARG XDEBUG_VERSION=2.7.2
ARG XHPROF_VERSION=2.2.0
ARG YAML_VERSION=stable
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache upgrade \
&& apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
@ -234,14 +234,12 @@ WORKDIR /var/www
# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env
CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ]
FROM dist as local
FROM dist as master
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -267,17 +265,7 @@ RUN chown -R $USER /usr/local/etc/php/conf.d/
USER $USER
ARG SSH_REMOTE_HOSTS
RUN mkdir -p ~/.ssh \
&& ssh-keyscan -t rsa -H github.com >> ~/.ssh/known_hosts
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR
&& ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts

24
docker/php/7.1-fpm-alpine/Dockerfile
View File

@ -1,7 +1,5 @@
FROM php:7.1-fpm-alpine as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG AMQP_VERSION=stable
ARG AST_VERSION=stable
ARG APCU_VERSION=stable
@ -27,6 +25,8 @@ ARG XDEBUG_VERSION=stable
ARG XHPROF_VERSION=2.2.0
ARG YAML_VERSION=stable
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache upgrade \
&& apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
@ -226,14 +226,12 @@ WORKDIR /var/www
# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env
CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ]
FROM dist as local
FROM dist as master
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -259,17 +257,7 @@ RUN chown -R $USER /usr/local/etc/php/conf.d/
USER $USER
ARG SSH_REMOTE_HOSTS
RUN mkdir -p ~/.ssh \
&& ssh-keyscan -t rsa -H github.com >> ~/.ssh/known_hosts
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR
&& ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts

24
docker/php/7.2-fpm-alpine/Dockerfile
View File

@ -1,7 +1,5 @@
FROM php:7.2-fpm-alpine as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG AMQP_VERSION=stable
ARG AST_VERSION=stable
ARG APCU_VERSION=stable
@ -27,6 +25,8 @@ ARG XDEBUG_VERSION=stable
ARG XHPROF_VERSION=2.2.0
ARG YAML_VERSION=stable
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache upgrade \
&& apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
@ -231,14 +231,12 @@ WORKDIR /var/www
# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env
CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ]
FROM dist as local
FROM dist as master
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -264,17 +262,7 @@ RUN chown -R $USER /usr/local/etc/php/conf.d/
USER $USER
ARG SSH_REMOTE_HOSTS
RUN mkdir -p ~/.ssh \
&& ssh-keyscan -t rsa -H github.com >> ~/.ssh/known_hosts
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR
&& ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts

24
docker/php/7.3-fpm-alpine/Dockerfile
View File

@ -1,7 +1,5 @@
FROM php:7.3-fpm-alpine as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG AMQP_VERSION=stable
ARG AST_VERSION=stable
ARG APCU_VERSION=stable
@ -26,6 +24,8 @@ ARG XDEBUG_VERSION=stable
ARG XHPROF_VERSION=2.2.0
ARG YAML_VERSION=stable
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache upgrade \
&& apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
@ -228,14 +228,12 @@ RUN ln -s /shared /var/www/shared
WORKDIR /var/www
CMD [ "sh", "-c", "(IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ]
FROM dist as local
FROM dist as master
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -261,17 +259,7 @@ RUN chown -R $USER /usr/local/etc/php/conf.d/
USER $USER
ARG SSH_REMOTE_HOSTS
RUN mkdir -p ~/.ssh \
&& ssh-keyscan -t rsa -H github.com >> ~/.ssh/known_hosts
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR
&& ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts

18
docker/prometheus/Dockerfile
View File

@ -1,10 +1,10 @@
FROM quay.io/prometheus/prometheus:latest as dist
LABEL maintainer "jc.iacono.gm@gmail.com"
ARG DOCKER_BUILD_DIR
ARG MONITORING_PRIMARY_TARGETS_BLACKBOX
ARG MONITORING_SECONDARY_TARGETS_BLACKBOX
LABEL maintainer aynic.os <support+docker@asycn.io>
COPY ${DOCKER_BUILD_DIR}/prometheus.tmpl /etc/prometheus/prometheus.tmpl
COPY ${DOCKER_BUILD_DIR}/alert-rules.yml /etc/prometheus/alert-rules.yml
@ -18,17 +18,5 @@ COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD []
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

28
docker/registrator/Dockerfile
View File

@ -1,14 +1,14 @@
FROM golang:1.9.4-alpine3.7 AS builder
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL
arg GIT_AUTHOR_NAME
arg GIT_AUTHOR_EMAIL
LABEL maintainer aynic.os <support+docker@asycn.io>
env GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME:-1001Pharmacies}
env GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL:-technique+docker@1001pharmacies.com}
env GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
env GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
WORKDIR /go/src/github.com/gliderlabs/registrator/
RUN \
@ -39,17 +39,5 @@ COPY --from=builder /go/src/github.com/gliderlabs/registrator/bin/registrator /b
ENTRYPOINT ["/bin/registrator"]
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

17
docker/riofs/Dockerfile
View File

@ -1,7 +1,8 @@
FROM alpine:latest as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
LABEL maintainer aynic.os <support+docker@asycn.io>
WORKDIR /usr/src
# Install riofs
@ -40,17 +41,5 @@ RUN apk upgrade --no-cache \
ENTRYPOINT /usr/local/bin/riofs
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

20
docker/s3fs/Dockerfile
View File

@ -1,9 +1,9 @@
FROM alpine:latest as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
ARG S3FS_VERSION=v1.85
LABEL maintainer aynic.os <support+docker@asycn.io>
# Install s3fs-fuse
RUN apk --no-cache upgrade \
&& apk --no-cache add --virtual .build-deps \
@ -40,15 +40,13 @@ VOLUME ${S3FS_DIR}
COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /
ENTRYPOINT /docker-entrypoint.sh
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID=0
ARG USER=root
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -69,15 +67,3 @@ RUN let $UID >/dev/null 2>&1 \
&& mkdir -p /home/$USER \
&& chown $UID:$GID /home/$USER \
|| true
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

29
docker/sematext/logagent/Dockerfile
View File

@ -1,15 +1,14 @@
FROM sematext/logagent:latest as dist
ARG DOCKER_BUILD_DIR
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
LABEL maintainer aynic.os <support+docker@asycn.io>
arg GIT_AUTHOR_NAME
arg GIT_AUTHOR_EMAIL
env GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME:-1001Pharmacies}
env GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL:-technique+docker@1001pharmacies.com}
env GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
env GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
RUN apk add --no-cache \
git
@ -21,17 +20,5 @@ RUN cd / \
&& git rebase d168bd0e8745a077e962248741f6be9fbeb7a8b5 \
&& git stash pop
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

23
docker/ssh/Dockerfile
View File

@ -1,7 +1,7 @@
FROM alpine:latest as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
LABEL maintainer aynic.os <support+docker@asycn.io>
# Install dependencies
RUN apk add --no-cache \
@ -13,8 +13,6 @@ ENV SOCKET_DIR /tmp/ssh-agent
ENV SSH_AUTH_SOCK ${SOCKET_DIR}/socket
ENV SSH_AUTH_PROXY_SOCK ${SOCKET_DIR}/proxy-socket
VOLUME ${SOCKET_DIR}
# Copy entrypoint script to container
COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
@ -22,7 +20,7 @@ ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["ssh-agent"]
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ARG GID
@ -30,8 +28,6 @@ ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a specific UID
RUN let $UID >/dev/null 2>&1 \
@ -53,16 +49,7 @@ RUN let $UID >/dev/null 2>&1 \
&& chown $UID:$GID /home/$USER \
|| true
RUN mkdir -p $SOCKET_DIR && chown $USER $SOCKET_DIR
VOLUME ${SOCKET_DIR}
USER $USER
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

18
docker/terraform/Dockerfile
View File

@ -1,17 +1,17 @@
FROM hashicorp/terraform:light as dist
ARG DOCKER_BUILD_DIR
LABEL maintainer aynic.os <support+docker@asycn.io>
RUN apk --no-cache upgrade
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ARG USER
ENV UID=${UID}
ENV GID=${UID}
ENV USER=${USER}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
@ -34,15 +34,3 @@ RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
|| true
USER $USER
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

3
docker/theia/.tmux/sessions/aws-preprod
View File

@ -1,3 +1,2 @@
new-session -A -s aws-preprod
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^enovasante.aws-eu-west-1.web.(preprod.[a-z]+-[0-9a-z]+|[a-z]+pp-[0-9a-z]+)$/' |while read host ip; do type=\${host#*web.}; type=\${type#*preprod.}; type=\${type#*preprod-}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-preprod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'enovadmin@\$ip'\"'; done"
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^1001pharmacies\.preprod\.[0-9a-z]+$/' |while read host ip; do type=\${host#*preprod.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-preprod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'root@\$ip'\"'; done"
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^aws\.preprod\.[0-9a-z]+$/' |while read host ip; do type=\${host#*preprod.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-preprod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'root@\$ip'\"'; done"

3
docker/theia/.tmux/sessions/aws-prod
View File

@ -1,3 +1,2 @@
new-session -A -s aws-prod
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^1001pharmacies\.prod\.[0-9a-z]+$/' |while read host ip; do type=\${host#*prod.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-prod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'root@\$ip'\"'; done"
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /enovasante.aws-eu-west-1.web.[a-z]+[^pp]-[0-9a-z]+$/' |while read host ip; do type=\${host#*web.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-prod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'enovadmin@\$ip'\"'; done"
run-shell "ssh sshuser@ssh-bastion make list-nodes |sed '1d' |awk '$1 ~ /^aws\.prod\.[0-9a-z]+$/' |while read host ip; do type=\${host#*prod.}; num=\$(printf '%0d' \${ip}); num=\$(echo \${ip} | tr . '\n' | awk '{n = n*256 + $1} END{print n}'); tmux neww -t aws-prod:\$num -n \$type '/bin/bash -cli \"force ssh -Aqt ssh-bastion ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no 'root@\$ip'\"'; done"

24
docker/theia/Dockerfile
View File

@ -1,8 +1,9 @@
FROM ubuntu:18.04 as dist
LABEL maintainer 1001Pharmacies <technique+docker@1001pharmacies.com>
ARG DOCKER_BUILD_DIR
# https://github.com/theia-ide/theia-apps/blob/master/theia-full-docker/Dockerfile
LABEL maintainer aynic.os <support+docker@asycn.io>
ENV DEBIAN_FRONTEND noninteractive
#Common deps
@ -157,7 +158,7 @@ RUN apt-get install -y \
## Common tools
RUN apt-get -y install nano screen tig tmux vim-nox zsh
FROM dist as local
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG DOCKER_GID
ARG SHELL=/bin/bash
@ -171,9 +172,6 @@ ARG USER
ENV UID=${UID}
ENV GID=${GID:-${UID}}
ENV USER=${USER:-root}
LABEL com.1001pharmacies.uid=${UID}
LABEL com.1001pharmacies.gid=${GID}
LABEL com.1001pharmacies.user=${USER}
# If we provide a numeric UID
RUN [ "$UID" -eq "$UID" ] 2>/dev/null \
@ -258,8 +256,8 @@ COPY ${DOCKER_BUILD_DIR}/.tmux /home/$USER/.tmux/
ARG GIT_AUTHOR_NAME
ARG GIT_AUTHOR_EMAIL
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME:-1001Pharmacies}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL:-technique+docker@1001pharmacies.com}
ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME}
ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL}
@ -268,15 +266,3 @@ ENV WORKSPACE_DIR=/Sources
ENTRYPOINT yarn theia start $WORKSPACE_DIR --hostname=0.0.0.0
EXPOSE 3000
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
ARG DOCKER_BUILD_DIR

375
docker/theia/rc_functions.sh
View File

@ -1,124 +1,283 @@
# force a command to run and restart it when it exits
force () {
PS_X_FIELD=1
if [ $# -gt 0 ]; then
# awk expression to match $@
while true; do
[ $(ps wwx -o args |awk '
BEGIN {nargs=split("'"$*"'",args)}
$field == args[1] {
matched=1;
for (i=1;i<=NF-field;i++) {
if ($(i+field) == args[i+1]) {matched++}
}
if (matched == nargs) {found++}
}
END {print found+0}' field="${PS_X_FIELD}") -eq 0 ] \
&& "$@" || sleep 1;
done
fi
}
# shellcheck shell=sh
## rc_function.sh defines customs shell functions
# author: Yann "aya" Autissier
# license: MIT
# updated: 2021/03/04
# start an ssh agent and add any private key in ~/.ssh
ssh_agent () {
command -v ssh-agent >/dev/null 2>&1 && command -v ssh-add >/dev/null 2>&1 || return
SSH_AGENT_DIR="/tmp/ssh-$(id -u)"
SSH_AGENT_SOCK="${SSH_AGENT_DIR}/agent@$(hostname |sed 's/\..*//')"
[ -z "${SSH_AUTH_SOCK}" ] \
&& { [ -d "${SSH_AGENT_DIR}" ] || { mkdir "${SSH_AGENT_DIR}" 2>/dev/null && chmod 0700 "${SSH_AGENT_DIR}"; } } \
&& [ $(ps wwx -o args |awk '$1 == "ssh-agent" && $3 == "'"${SSH_AGENT_SOCK}"'"' |wc -l) -eq 0 ] \
&& rm -f "${SSH_AGENT_SOCK}" \
&& ssh-agent -a "${SSH_AGENT_SOCK}" >/dev/null 2>&1
export SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-${SSH_AGENT_SOCK}}"
(echo "${HOME}"/.ssh/id_rsa; grep -l 'PRIVATE KEY' "${HOME}"/.ssh/* |grep -vE "^${HOME}/.ssh/id_rsa$") |while read -r file; do
[ -r "${file}" ] && [ -z "$(ssh-add -l |awk '{print $3}' |grep -E "^${file}$")" ] && ssh-add "${file}"
## force() runs a command sine die
force() {
if [ $# -gt 0 ]; then
while true; do
"$@"
sleep 1
done
unset SSH_AGENT_DIR SSH_AGENT_SOCK
fi
}
# attach an existing screen or create a new one
attach_screen () {
command -v screen >/dev/null 2>&1 || return
if [ -z "${STY}" ]; then
# attach screen in tmux window 0
[ -n "${TMUX}" ] && [ "$(tmux list-window 2>/dev/null |awk '$NF == "(active)" {print $1}' |sed 's/:$//')" != "0" ] && return
/bin/echo -n 'Attaching screen.' && sleep 1 && /bin/echo -n '.' && sleep 1 && /bin/echo -n '.' && sleep 1 && screen -xRR -S "$(id -nu)" 2>/dev/null
fi
## force8() runs a command sine die if not already running
force8() {
if [ $# -gt 0 ]; then
while true; do
# awk expression to match $@
[ "$(ps wwx -o args 2>/dev/null |awk -v field="${PS_X_FIELD:-1}" '
BEGIN { nargs=split("'"$*"'",args); }
# first field matched
$field == args[1] {
matched=1;
# match following fields
for (i=1;i<=NF-field;i++) {
if ($(i+field) == args[i+1]) { matched++; }
};
# all fields matched
if (matched == nargs) { found++; }
}
END { print found+0; }'
)" = 0 ] && "$@"
sleep 1
done
fi
}
# attach an existing tmux or create a new one
attach_tmux () {
command -v tmux >/dev/null 2>&1 || return
SESSION_NAME="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${TMUX}" ]; then
/bin/echo -n 'Attaching tmux.' && sleep 1 && /bin/echo -n '.' && sleep 1 && /bin/echo -n '.' && sleep 1 && tmux -L"${SESSION_NAME}" -q has-session >/dev/null 2>&1 && tmux -L"${SESSION_NAME}" attach-session -d || tmux -L"${SESSION_NAME}" new-session -s"${SESSION_NAME}"
fi
## load_average() prints the current load average
load_average() {
awk '{printf "%.1f\n" $1}' /proc/loadavg 2>/dev/null\
|| uptime 2>/dev/null |awk '{printf "%.1f\n", $(NF-2)}'
}
## process_count() prints number of "processes"/"running processes"/"D-state"
process_count() {
ps ax -o stat 2>/dev/null |awk '
$1 ~ /R/ {process_running++};
$1 ~ /D/ {process_dstate++};
END { print NR-1"/"process_running+0"/"process_dstate+0; }'
}
# echo the "number of running processes"/"total number of processes"/"number of processes in D-state"
process_count () {
ps ax -o stat 2>/dev/null |awk '$1 ~ /R/ {process_running++}; $1 ~ /D/ {process_dstate++}; END {print process_running+0"/"NR-1"/"process_dstate+0}'
## prompt_set() exports custom PROMPT_COMMAND
prompt_set() {
case "${TERM}" in
screen*)
ESCAPE_CODE_DCS="\033k"
ESCAPE_CODE_ST="\033\\"
;;
linux*|xterm*|rxvt*)
ESCAPE_CODE_DCS="\033]0;"
ESCAPE_CODE_ST="\007"
;;
*)
;;
esac
# in a screen
if [ -n "${STY}" ]; then
export PROMPT_COMMAND='printf\
"${ESCAPE_CODE_DCS:-\033]0;}%s${ESCAPE_CODE_ST:-\007}"\
"${PWD##*/}"'
else
export PROMPT_COMMAND='printf\
"${ESCAPE_CODE_DCS:-\033]0;}%s@%s:%s${ESCAPE_CODE_ST:-\007}"\
"${USER}"\
"${HOSTNAME%%.*}"\
"${PWD##*/}"'
fi
unset ESCAPE_CODE_DCS ESCAPE_CODE_ST
}
# echo the "number of distinct logged in users"/"number of distinct users running processes"/"number of logged in users"
user_count () {
ps ax -o user,tty,comm 2>/dev/null |awk '$2 !~ /^\?/ && $3 !~ /getty$/ {logged[$1]++; tty[$2]++}; {user[$1]++}; END {for (ul in logged) {sl = sl" "ul;}; users_logged=split(sl,a," ")-1; for (uu in user) {su = su" "uu;}; users_user=split(su,a," ")-1; for (ut in tty) {st = st" "ut;}; users_tty=split(st,a," ")-1; print users_logged"/"users_user"/"users_tty}'
}
## ps1_set() exports custom PS1
ps1_set() {
case "$0" in
*sh)
COLOR_DGRAY="\[\033[1;30m\]"
COLOR_RED="\[\033[01;31m\]"
COLOR_GREEN="\[\033[01;32m\]"
COLOR_BROWN="\[\033[0;33m\]"
COLOR_YELLOW="\[\033[01;33m\]"
COLOR_BLUE="\[\033[01;34m\]"
COLOR_CYAN="\[\033[0;36m\]"
COLOR_GRAY="\[\033[0;37m\]"
COLOR_RESET="\[\033[0m\]"
;;
*)
;;
esac
# echo the load average
load_average () {
awk '{print $1}' /proc/loadavg 2>/dev/null || uptime 2>/dev/null |awk '{print $(NF-2)}'
}
# export PS1
custom_ps1 () {
case "$0" in
*ash)
local DGRAY="\[\033[1;30m\]"
local RED="\[\033[01;31m\]"
local GREEN="\[\033[01;32m\]"
local BROWN="\[\033[0;33m\]"
local YELLOW="\[\033[01;33m\]"
local BLUE="\[\033[01;34m\]"
local CYAN="\[\033[0;36m\]"
local GRAY="\[\033[0;37m\]"
local NC="\[\033[0m\]"
;;
PS1_STATUS="\$?"
PS1_COUNT="${COLOR_DGRAY}[\`
case \"$PS1_STATUS\" in
0)
printf \"${COLOR_BLUE}${PS1_STATUS}\";;
1)
printf \"${COLOR_YELLOW}${PS1_STATUS}\";;
*)
;;
printf \"${COLOR_RED}${PS1_STATUS}\";;
esac
local COLOR="\$([ \"\$(id -u)\" = 0 ] && echo \"${RED}\" || echo \"${BROWN}\")"
local COUNT="${DGRAY}[${BLUE}\$(user_count 2>/dev/null)${DGRAY}|${BLUE}\$(process_count 2>/dev/null)${DGRAY}|${BLUE}\$(load_average 2>/dev/null)${DGRAY}]"
local END="\$([ \"\$(id -u)\" = 0 ] && echo \"#\" || echo \"\$\")"
local HOSTNAME="\$(hostname |sed 's/\..*//')"
type __git_ps1 >/dev/null 2>&1 \
&& local GIT="\$(__git_ps1 2>/dev/null \" (%s)\")" \
|| local GIT="\$(BRANCH=\$(git rev-parse --abbrev-ref HEAD 2>/dev/null); [ -n \"\${BRANCH}\" ] && echo \" (\${BRANCH})\")"
local USER="\$(id -nu)"
local WORKDIR="\$(pwd |sed 's|^'\${HOME}'\(/.*\)*$|~\1|')"
export PS1="${COUNT}${COLOR}${USER}${DGRAY}@${CYAN}${HOSTNAME}${DGRAY}:${GRAY}${WORKDIR}${CYAN}${GIT}${DGRAY}${END}${NC} "
type process_count >/dev/null 2>&1 && printf\
\"${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(process_count 2>/dev/null)\"
type user_count >/dev/null 2>&1 && printf\
\"${PS1_COUNT}${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(user_count 2>/dev/null)\"
type load_average >/dev/null 2>&1 && printf\
\"${PS1_COUNT}${COLOR_DGRAY}|${COLOR_BLUE}%s\"\
\"\$(load_average 2>/dev/null)\"
\`${COLOR_DGRAY}]${COLOR_RESET}"
PS1_END="${COLOR_DGRAY}\$(
if [ \"\$(id -u)\" = 0 ]; then
printf \"#\";
else
printf \"\$\";
fi
)${COLOR_RESET}"
PS1_GIT="\$(
if type __git_ps1 >/dev/null 2>&1; then
printf \"\$(__git_ps1 2>/dev/null \" (%s)\")\"
else
printf \"\$(BRANCH=\$(git rev-parse --abbrev-ref HEAD 2>/dev/null);\
[ -n \"\${BRANCH}\" ] && printf \" (\${BRANCH})\")\"
fi
)"
PS1_GIT="${COLOR_CYAN}${PS1_GIT}${COLOR_RESET}"
PS1_HOSTNAME_COLOR="\`case \"\${ENV}\" in
[Pp][Rr][0Oo][Dd]*)
printf \"${COLOR_RED}\";;
*)
if [ -n \"\${ENV}\" ]; then
printf \"${COLOR_YELLOW}\";
else
printf \"${COLOR_GREEN}\";
fi;;
esac\`"
PS1_HOSTNAME="${PS1_HOSTNAME_COLOR}\$(hostname |sed 's/\..*//')${COLOR_RESET}"
PS1_USER_COLOR="\$(
if [ \"\$(id -u)\" = 0 ]; then
printf \"${COLOR_RED}\";
else
printf \"${COLOR_BROWN}\";
fi
)"
PS1_USER="${PS1_USER_COLOR}\$(id -nu):\$(id -u)${COLOR_RESET}"
PS1_WORKDIR="${COLOR_GRAY}\$(
pwd |sed 's|^'\${HOME}'\(/.*\)*$|~\1|'
)${COLOR_RESET}"
PS1="${PS1_COUNT}${PS1_USER}${COLOR_DGRAY}@${PS1_HOSTNAME}"
PS1="${PS1}${COLOR_DGRAY}:${PS1_WORKDIR}${PS1_GIT}${PS1_END} "
export 'PS1'
unset PS1_COUNT PS1_END PS1_GIT PS1_HOSTNAME PS1_HOSTNAME_COLOR\
PS1_USER PS1_USER_COLOR PS1_STATUS PS1_WORKDIR
}
# export PROMPT_COMMAND
custom_prompt () {
case "${TERM}" in
screen*)
ESCAPE_CODE_DCS="\033k"
ESCAPE_CODE_ST="\033\\"
;;
linux*|xterm*|rxvt*)
ESCAPE_CODE_DCS="\033]0;"
ESCAPE_CODE_ST="\007"
;;
*)
;;
esac
# in a screen
[ -n "${STY}" ] \
&& export PROMPT_COMMAND='printf "${ESCAPE_CODE_DCS:-\033]0;}%s${ESCAPE_CODE_ST:-\007}" "${PWD##*/}"' \
|| export PROMPT_COMMAND='printf "${ESCAPE_CODE_DCS:-\033]0;}%s@%s:%s${ESCAPE_CODE_ST:-\007}" "${USER}" "${HOSTNAME%%.*}" "${PWD##*/}"'
## screen_attach() attaches existing screen session or creates a new one
screen_attach() {
command -v screen >/dev/null 2>&1 || return
SCREEN_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${STY}" ]; then
# attach screen in tmux window 0 only ;)
[ -n "${TMUX}" ] \
&& [ "$(tmux list-window 2>/dev/null |awk '$NF == "(active)" {print $1}'\
|sed 's/:$//')" != "0" ] \
&& return
printf 'Attaching screen.' && sleep 1\
&& printf '.' && sleep 1\
&& printf '.' && sleep 1
exec screen -xRR -S "${SCREEN_SESSION}"
fi
unset SCREEN_SESSION
}
## screen_detach() detaches current screen session
screen_detach() {
screen -d
}
## ssh_add() loads all private keys in ~/.ssh/ to ssh agent
ssh_add() {
command -v ssh-agent >/dev/null 2>&1 && command -v ssh-add >/dev/null 2>&1 || return
SSH_AGENT_DIR="/tmp/ssh-$(id -u)"
SSH_AGENT_SOCK="${SSH_AGENT_DIR}/agent@$(hostname |sed 's/\..*//')"
# launch a new agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
[ ! -d "${SSH_AGENT_DIR}" ] \
&& mkdir -p "${SSH_AGENT_DIR}" 2>/dev/null\
&& chmod 0700 "${SSH_AGENT_DIR}"
# search for an already running agent
if ps wwx -o args |awk '$1 ~ "ssh-agent$" && $3 == "'"${SSH_AGENT_SOCK}"'"' |wc -l |grep -q 0; then
rm -f "${SSH_AGENT_SOCK}"
ssh-agent -a "${SSH_AGENT_SOCK}" >/dev/null 2>&1
fi
fi
# attach to agent
export SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-${SSH_AGENT_SOCK}}"
# list private keys to add
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_ADD_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# add private key to agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null || ssh-add "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_AGENT_DIR SSH_AGENT_SOCK SSH_PRIVATE_KEYS
}
## ssh_del() removes all private keys in ~/.ssh/ from ssh agent
ssh_del() {
command -v ssh-add >/dev/null 2>&1 || return
# attach to agent
if [ -z "${SSH_AUTH_SOCK}" ]; then
return
fi
# list private keys to del
# shellcheck disable=SC2068
for dir in ${@:-${HOME}/.ssh}; do
if [ "${SSH_DEL_RECURSIVE:-}" = true ]; then
GREP_RECURSIVE_FLAG="r"
else
GREP_RECURSIVE_CHAR="*"
fi
SSH_PRIVATE_KEYS="${SSH_PRIVATE_KEYS:-} ${dir}/id_rsa $(grep -l${GREP_RECURSIVE_FLAG:-} 'PRIVATE KEY' "${dir}"/"${GREP_RECURSIVE_CHAR:-}" 2>/dev/null |grep -vw "${dir}"/id_rsa)"
done
# shellcheck disable=SC2086
printf '%s\n' ${SSH_PRIVATE_KEYS} |while read -r file; do
[ -r "${file}" ] || continue
# remove private key from agent
ssh-add -l |grep -q "$(ssh-keygen -lf "${file}" 2>/dev/null |awk '{print $2}')" 2>/dev/null && ssh-add -d "${file}"
done
unset GREP_RECURSIVE_CHAR GREP_RECURSIVE_FLAG SSH_PRIVATE_KEYS
}
## tmux_attach() attaches existing tmux session or creates a new one
tmux_attach() {
command -v tmux >/dev/null 2>&1 || return
TMUX_SESSION="$(id -nu)@$(hostname |sed 's/\..*//')"
if [ -z "${TMUX}" ]; then
printf 'Attaching tmux.' && sleep 1\
&& printf '.' && sleep 1\
&& printf '.' && sleep 1
exec tmux -L"${TMUX_SESSION}" new-session -A -s"${TMUX_SESSION}"
fi
unset TMUX_SESSION
}
## tmux_detach() detaches current tmux session
tmux_detach() {
tmux detach
}
## user_count() prints number of "users sessions"/"users"/"logged users"
user_count() {
ps ax -o user,tty 2>/dev/null |awk '
$2 ~ /^(pts|tty)/ { users_session++; logged[$1]++; };
{ count[$1]++; }
END {
for (uc in count) { c = c" "uc; }; users_count=split(c,v," ")-1;
for (ul in logged) { l = l" "ul; }; users_logged=split(l,v," ")-1;
print users_session+0"/"users_count"/"users_logged;
}'
}
# vim:ts=2:sw=2:sts=2:et

2
docker/toggle/ui/config.js
View File

@ -1 +1 @@
toggleApp.constant('TOGGLE_API_BASE_URL', 'http://toggle-api.local.1001pharmacies.com');
toggleApp.constant('TOGGLE_API_BASE_URL', 'http://toggle-api.master.localhost');

2
docker/vsftpd-s3/.gitrepo
View File

@ -4,7 +4,7 @@
; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
;
[subrepo]
remote = ssh://git@github.com/1001Pharmacies/docker-vsftpd-s3
remote = ssh://git@github.com/aynicos/docker-vsftpd-s3
branch = master
commit = 6d5b3310525d8cb1be32f0461a8633aba8641b24
parent = 162fd1a1c05971c62996f6be53522c74559f567b

18
docker/vsftpd-s3/Dockerfile
View File

@ -1,9 +1,9 @@
FROM alpine:3.11 as dist
LABEL maintainer "yann.autissier@gmail.com"
ARG DOCKER_BUILD_DIR
ARG S3FS_VERSION=v1.85
LABEL maintainer aynic.os <support+docker@asycn.io>
# Install s3fs-fuse and sftpserver
RUN apk --no-cache upgrade \
&& apk --no-cache add --virtual .build-deps \
@ -53,17 +53,5 @@ EXPOSE 1022/tcp
EXPOSE 65000/tcp
VOLUME ["/var/log"]
FROM dist as local
ARG DOCKER_BUILD_DIR
FROM local as debug
ARG DOCKER_BUILD_DIR
FROM local as tests
ARG DOCKER_BUILD_DIR
FROM tests as preprod
ARG DOCKER_BUILD_DIR
FROM preprod as prod
FROM dist as master
ARG DOCKER_BUILD_DIR

2
docker/vsftpd-s3/LICENSE
View File

@ -1,7 +1,5 @@
MIT License
Copyright (c) 2017 1001Pharmacies
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to

10
docker/vsftpd-s3/docker-entrypoint.sh
View File

@ -10,7 +10,7 @@ PASV_MIN_PORT=${PASV_MIN_PORT:-65000}
PASV_MAX_PORT=${PASV_MAX_PORT:-65535}
# VSFTPD Banner
FTPD_BANNER=${FTPD_BANNER:-1001Pharmacies FTP Server}
FTPD_BANNER=${FTPD_BANNER:-FTP Server}
# FTP allowed commands
# full command list : https://blog.vigilcode.com/2011/08/configure-secure-ftp-with-vsftpd/
@ -39,11 +39,11 @@ pasv_max_port=$PASV_MAX_PORT" > /etc/vsftpd.conf
# SSL certificate
SSL_CERT_C=${SSL_CERT_C:-FR}
SSL_CERT_ST=${SSL_CERT_ST:-Herault}
SSL_CERT_L=${SSL_CERT_L:-Montpellier}
SSL_CERT_O=${SSL_CERT_O:-1001Pharmacies}
SSL_CERT_ST=${SSL_CERT_ST:-LaGaule}
SSL_CERT_L=${SSL_CERT_L:-Mars}
SSL_CERT_O=${SSL_CERT_O:-1nation}
SSL_CERT_OU=${SSL_CERT_OU:-Hosting}
SSL_CERT_CN=${SSL_CERT_CN:-ftp.1001pharmacies.com}
SSL_CERT_CN=${SSL_CERT_CN:-ftp}
# Create SSL certificate
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -addext extendedKeyUsage=serverAuth -addext subjectAltName=DNS:${SSL_CERT_CN} -subj "/C=${SSL_CERT_C}/ST=${SSL_CERT_ST}/L=${SSL_CERT_L}/O=${SSL_CERT_O}/OU=${SSL_CERT_OU}/CN=${SSL_CERT_CN}" -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem 2>/dev/null && echo "

13
make/apps/build.mk
View File

@ -1,7 +1,7 @@
##
# BUILD
# target build-env: Build .env file in docker SERVICE to deploy
# target build-env: Build .env file in docker SERVICE
# on local host
.PHONY: build-env
build-env: SERVICE ?= $(DOCKER_SERVICE)
@ -9,12 +9,9 @@ build-env: bootstrap
$(call docker-compose-exec,$(SERVICE), \
rm -f .env \
&& make .env ENV=$(ENV) \
&& echo BUILD=true >> .env \
&& echo BUILD_DATE='"\'"'$(shell date "+%d/%m/%Y %H:%M:%S %z" 2>/dev/null)'"\'"' >> .env \
&& echo BUILD_STATUS='"\'"'$(shell git status -uno --porcelain 2>/dev/null)'"\'"' >> .env \
&& echo DOCKER=false >> .env \
&& printf 'BUILD=true\n' >> .env \
&& $(foreach var,$(BUILD_ENV_VARS), \
$(if $($(var)),sed -i '/^$(var)=/d' .env && echo $(var)='$($(var))' >> .env &&) \
$(if $($(var)),sed -i '/^$(var)=/d' .env && printf "$(var)='$($(var))'\n" >> .env &&) \
) true \
)
@ -22,9 +19,9 @@ build-env: bootstrap
# on local host
.PHONY: build-init
build-init:
$(ECHO) rm -rf build && $(ECHO) mkdir -p build
$(RUN) rm -rf build && $(RUN) mkdir -p build
# target build-shared: Create SHARED folder in docker SERVICE to deploy
# target build-shared: Create SHARED folder in docker SERVICE
# on local host
.PHONY: build-shared
build-shared: SERVICE ?= $(DOCKER_SERVICE)

19
make/apps/common.mk
View File

@ -29,7 +29,7 @@ bootstrap-git-%:
.PHONY: build
build: docker-compose-build ## Build application docker images
# target build@%: Build application docker images to deploy of % ENV
# target build@%: Build application docker images of % ENV
# on local host
.PHONY: build@% app-build
build@%: myos-base
@ -37,23 +37,20 @@ build@%: myos-base
$(eval build_app := $(or $(filter $(DOCKER_BUILD_CACHE),false),$(filter-out $(docker_images),$(SERVICES))))
$(if $(build_app), \
$(call make,build-init app-build), \
$(if $(filter $(VERBOSE),true), \
$(foreach service,$(SERVICES), \
echo "docker image $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) has id $(shell docker images -q $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) 2>/dev/null)" && \
) true \
) \
$(foreach service,$(SERVICES), \
$(call INFO,docker image $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) has id $(shell docker images -q $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) 2>/dev/null)) && \
) true \
)
# target clean: Clean application and docker images
# on local host
.PHONY: clean app-clean
clean: app-clean docker-compose-down .env-clean ## Clean application and docker images
clean: app-clean docker-rm docker-image-rm docker-volume-rm .env-clean ## Clean application and docker stuffs
# target clean@%: Clean deployed application and docker images of % ENV
# on local host
.PHONY: clean@%
clean@%:
$(call make,docker-compose-down DOCKER_COMPOSE_DOWN_OPTIONS='--rmi all -v')
clean@%: docker-rm docker-image-rm docker-volume-rm;
# target config: View application docker compose file
# on local host
@ -86,7 +83,7 @@ down: docker-compose-down ## Remove application dockers
.PHONY: exec
exec: ## Exec command in docker SERVICE
ifneq (,$(filter $(ENV),$(ENV_DEPLOY)))
$(call exec,$(ARGS))
$(RUN) $(call exec,$(ARGS))
else
$(call make,docker-compose-exec,,ARGS)
endif
@ -227,4 +224,4 @@ upgrade: update app-upgrade release-upgrade ## Upgrade application
# target %-rule-exists: Print a warning message if % target does not exists
%-rule-exists:
$(if $(filter $*,$(MAKECMDGOALS)),$(if $(filter-out $*,$(MAKE_TARGETS)),printf "${COLOR_BROWN}WARNING${COLOR_RESET}: ${COLOR_GREEN}target${COLOR_RESET} $* ${COLOR_GREEN}not available in app${COLOR_RESET} $(APP).\n" >&2))
$(if $(filter $*,$(MAKECMDGOALS)),$(if $(filter-out $*,$(MAKE_TARGETS)),$(call WARNING,no target,$*,$(APP))))

50
make/apps/def.build.mk Normal file
View File

@ -0,0 +1,50 @@
BUILD_AUTHOR ?= $(DOCKER_AUTHOR)
BUILD_DATE ?= $(shell TZ=UTC date "+%Y%m%dT%H%M%SZ" 2>/dev/null)
BUILD_DESCRIPTION ?= Lot of Love
BUILD_DOCUMENTATION ?= $(if $(wildcard README.md),$(APP_REPOSITORY)/blob/$(COMMIT)/README.md)
BUILD_ENV_VARS ?= APP BRANCH BUILD_DATE BUILD_STATUS COMMIT DEPLOY_HOOK_URL ENV VERSION
BUILD_LABEL_VARS ?= org.label-schema.% org.opencontainers.% os.my.%
BUILD_LABEL_ARGS ?= $(foreach var,$(filter $(BUILD_LABEL_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),$(var)='$($(var))'))
BUILD_LICENSE ?= GPL-3.0
BUILD_NAME ?= $(COMPOSE_SERVICE_NAME)-$(BUILD_SERVICE)
BUILD_SERVICE ?= undef
BUILD_STATUS ?= $(shell git status -uno --porcelain 2>/dev/null)
org.label-schema.build-date ?= $(BUILD_DATE)
org.label-schema.description ?= $(BUILD_DESCRIPTION)
org.label-schema.docker.cmd ?= docker run -d $(DOCKER_REGISTRY)/$(DOCKER_REPOSITORY)/$(BUILD_SERVICE):$(DOCKER_IMAGE_TAG)
org.label-schema.license ?= GPLv3
org.label-schema.name ?= $(BUILD_NAME)
org.label-schema.schema-version ?= 1.0
org.label-schema.url ?= $(APP_URL)
org.label-schema.usage ?= $(BUILD_DOCUMENTATION)
org.label-schema.vcs-ref ?= $(COMMIT)
org.label-schema.vcs-url ?= $(APP_REPOSITORY)
org.label-schema.vendor ?= $(BUILD_AUTHOR)
org.label-schema.version ?= $(VERSION)
org.opencontainers.image.created ?= $(BUILD_DATE)
org.opencontainers.image.revision ?= $(COMMIT)
org.opencontainers.image.source ?= $(APP_REPOSITORY)
org.opencontainers.image.url ?= $(APP_URL)
org.opencontainers.image.vendor ?= $(BUILD_AUTHOR)
org.opencontainers.image.version ?= $(VERSION)
org.opencontainers.image.url ?= $(APP_URL)
org.opencontainers.image.source ?= $(APP_REPOSITORY)
org.opencontainers.image.version ?= $(VERSION)
org.opencontainers.image.revision ?= $(COMMIT)
org.opencontainers.image.vendor ?= $(BUILD_AUTHOR)
org.opencontainers.image.title ?= $(BUILD_NAME)
org.opencontainers.image.description ?= $(BUILD_DESCRIPTION)
org.opencontainers.image.documentation ?= $(BUILD_DOCUMENTATION)
org.opencontainers.build_tool.revision ?= $(MYOS_COMMIT)
org.opencontainers.build_tool.source ?= $(MYOS_REPOSITORY)
org.opencontainers.image.authors ?= $(BUILD_AUTHOR)
org.opencontainers.image.licenses ?= $(BUILD_LICENSE)
os.my.author ?= $(BUILD_AUTHOR)
os.my.date ?= $(BUILD_DATE)
os.my.license ?= $(BUILD_LICENSE)
os.my.name ?= $(BUILD_NAME)
os.my.status ?= $(BUILD_STATUS)
os.my.user ?= $(USER)
os.my.uid ?= $(UID)
os.my.version ?= $(VERSION)

97
make/apps/def.docker.mk
View File

@ -1,7 +1,7 @@
CMDS += docker-compose-exec docker-run docker-run-%
COMPOSE_FILE ?= $(wildcard docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml)))
COMPOSE_FILE_$(ENV) ?= true
COMPOSE_FILE_DEBUG ?= $(DEBUG)
COMPOSE_FILE_DEBUG ?= $(if $(DEBUG),true)
COMPOSE_FILE_NFS ?= $(MOUNT_NFS)
COMPOSE_FILE_SSH ?= true
ifneq ($(SUBREPO),)
@ -9,23 +9,22 @@ COMPOSE_FILE_SUBREPO ?= true
else
COMPOSE_FILE_APP ?= true
endif
ifneq (,$(filter $(ENV),$(ENV_DEPLOY)))
COMPOSE_FILE_TMPFS ?= false
else
COMPOSE_FILE_TMPFS ?= true
endif
COMPOSE_IGNORE_ORPHANS ?= false
COMPOSE_PROJECT_NAME ?= $(USER)_$(ENV)_$(APP)
COMPOSE_PROJECT_NAME ?= $(APP_ENV)$(subst /,,$(subst -,,$(APP_PATH)))
COMPOSE_SERVICE_NAME ?= $(subst _,-,$(COMPOSE_PROJECT_NAME))
CONTEXT += COMPOSE_FILE DOCKER_IMAGE_TAG DOCKER_REPOSITORY DOCKER_SERVICE
CONTEXT_DEBUG += DOCKER_REGISTRY
DOCKER_BUILD_ARGS ?= $(if $(filter $(DOCKER_BUILD_NO_CACHE),true),--pull --no-cache) $(foreach var,$(DOCKER_BUILD_VARS),$(if $($(var)),--build-arg $(var)='$($(var))'))
CONTEXT += COMPOSE_FILE DOCKER_REPOSITORY
CONTEXT_DEBUG += DOCKER_BUILD_TARGET DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_SERVICE DOCKER_SERVICES
DOCKER_AUTHOR ?= $(DOCKER_AUTHOR_NAME) <$(DOCKER_AUTHOR_EMAIL)>
DOCKER_AUTHOR_EMAIL ?= $(subst +git,+docker,$(GIT_AUTHOR_EMAIL))
DOCKER_AUTHOR_NAME ?= $(GIT_AUTHOR_NAME)
DOCKER_BUILD_ARGS ?= $(if $(filter true,$(DOCKER_BUILD_NO_CACHE)),--pull --no-cache) $(foreach var,$(DOCKER_BUILD_VARS),$(if $($(var)),--build-arg $(var)='$($(var))'))
DOCKER_BUILD_CACHE ?= true
DOCKER_BUILD_LABEL ?= $(foreach var,$(filter $(BUILD_LABEL_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),--label $(var)='$($(var))'))
DOCKER_BUILD_NO_CACHE ?= false
DOCKER_BUILD_TARGET ?= $(if $(filter $(ENV),$(DOCKER_BUILD_TARGETS)),$(ENV),$(DOCKER_BUILD_TARGET_DEFAULT))
DOCKER_BUILD_TARGET_DEFAULT ?= local
DOCKER_BUILD_TARGETS ?= local debug tests preprod prod
DOCKER_BUILD_VARS ?= APP BRANCH DOCKER_GID DOCKER_REPOSITORY GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME TARGET UID USER VERSION
DOCKER_BUILD_TARGET_DEFAULT ?= master
DOCKER_BUILD_TARGETS ?= $(ENV_DEPLOY)
DOCKER_BUILD_VARS ?= APP BRANCH DOCKER_GID DOCKER_REPOSITORY GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PRIVATE_IP_RANGE SSH_PUBLIC_HOST_KEYS SSH_REMOTE_HOSTS UID USER VERSION
DOCKER_COMPOSE_DOWN_OPTIONS ?=
DOCKER_COMPOSE_UP_OPTIONS ?= -d
DOCKER_GID ?= $(call gid,docker)
@ -34,19 +33,33 @@ DOCKER_IMAGES ?= $(patsubst %/,%,$(patsubst docker/%,%,$(dir $
DOCKER_PLUGIN ?= rexray/s3fs:latest
DOCKER_PLUGIN_ARGS ?= $(foreach var,$(DOCKER_PLUGIN_VARS),$(if $(DOCKER_PLUGIN_$(var)),$(var)='$(DOCKER_PLUGIN_$(var))'))
DOCKER_PLUGIN_OPTIONS ?= --grant-all-permissions
DOCKER_PLUGIN_S3FS_ACCESSKEY ?= $(shell $(call conf,$(HOME)/.aws/credentials,$(or $(AWS_PROFILE),default),aws_access_key_id))
DOCKER_PLUGIN_S3FS_ACCESSKEY ?= $(AWS_ACCESS_KEY_ID)
DOCKER_PLUGIN_S3FS_OPTIONS ?= allow_other,nonempty,use_path_request_style,url=https://s3-eu-west-1.amazonaws.com
DOCKER_PLUGIN_S3FS_SECRETKEY ?= $(shell $(call conf,$(HOME)/.aws/credentials,$(or $(AWS_PROFILE),default),aws_secret_access_key))
DOCKER_PLUGIN_S3FS_SECRETKEY ?= $(AWS_SECRET_ACCESS_KEY)
DOCKER_PLUGIN_S3FS_REGION ?= eu-west-1
DOCKER_PLUGIN_VARS ?= S3FS_ACCESSKEY S3FS_OPTIONS S3FS_SECRETKEY S3FS_REGION
DOCKER_REGISTRY ?= registry
DOCKER_REGISTRY ?= docker.io
DOCKER_REGISTRY_USERNAME ?= $(USER)
DOCKER_REGISTRY_REPOSITORY ?= $(addsuffix /,$(DOCKER_REGISTRY))$(subst $(USER),$(DOCKER_REGISTRY_USERNAME),$(DOCKER_REPOSITORY))
DOCKER_REPOSITORY ?= $(subst _,/,$(COMPOSE_PROJECT_NAME))
DOCKER_SERVICE ?= $(shell $(call docker-compose,--log-level critical config --services) |tail -1)
DOCKER_SERVICE ?= $(lastword $(DOCKER_SERVICES))
DOCKER_SERVICES ?= $(eval IGNORE_DRYRUN := true)$(shell $(call docker-compose,--log-level critical config --services))$(eval IGNORE_DRYRUN := false)
DOCKER_SHELL ?= $(SHELL)
ENV_VARS += COMPOSE_PROJECT_NAME COMPOSE_SERVICE_NAME DOCKER_BUILD_TARGET DOCKER_GID DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_REPOSITORY DOCKER_SHELL
ifeq ($(DOCKER), true)
DOCKER_COMPOSE ?= docker/compose:$(COMPOSE_VERSION)
else
DOCKER_COMPOSE ?= $(or $(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'),docker-compose)
endif
ifeq ($(DRONE), true)
APP_PATH_PREFIX := $(DRONE_BUILD_NUMBER)
DOCKER_BUILD_CACHE := false
DOCKER_COMPOSE_DOWN_OPTIONS := --rmi all -v
DOCKER_COMPOSE_UP_OPTIONS := -d --build
endif
# https://github.com/docker/libnetwork/pull/2348
ifeq ($(HOST_SYSTEM), DARWIN)
DOCKER_HOST_IFACE ?= $(shell docker run --rm -it --net=host alpine /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$5}' |awk '!seen[$$0]++' |head -1)
@ -60,64 +73,43 @@ DOCKER_INTERNAL_DOCKER_GATEWAY ?= $(shell /sbin/ip -4 route list match 0/0 2>/d
DOCKER_INTERNAL_DOCKER_HOST ?= $(shell /sbin/ip addr show docker0 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}')
endif
ifeq ($(DRONE), true)
APP_PATH_PREFIX := $(DRONE_BUILD_NUMBER)
COMPOSE_PROJECT_NAME := $(USER)_$(ENV)$(APP_PATH_PREFIX)_$(APP)
COMPOSE_SERVICE_NAME := $(subst _,-,$(COMPOSE_PROJECT_NAME))
DOCKER_BUILD_CACHE := false
DOCKER_COMPOSE_DOWN_OPTIONS := --rmi all -v
DOCKER_COMPOSE_UP_OPTIONS := -d --build
DOCKER_REPOSITORY := $(USER)/$(ENV)/$(APP)
endif
ifeq ($(DOCKER), true)
# function docker-compose: Run docker-compose with arg 1
define docker-compose
$(call run,docker/compose:$(COMPOSE_VERSION) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))
$(call INFO,docker-compose,$(1))
$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))
endef
# function docker-compose-exec: Run docker-compose-exec with arg 2 in service 1
define docker-compose-exec
$(call run,docker/compose:$(COMPOSE_VERSION) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) exec -T $(1) sh -c '$(2)')
$(call INFO,docker-compose-exec,$(1)$(comma) $(2))
$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) exec -T $(1) sh -c '$(2)')
endef
else
SHELL := /bin/bash
define docker-compose
$(call run,docker-compose $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))
endef
define docker-compose-exec
$(call run,docker-compose $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) exec -T $(1) sh -c '$(2)')
endef
endif
# function docker-build: Build docker image
define docker-build
$(call INFO,docker-build,$(1)$(comma) $(2)$(comma) $(3))
$(eval path := $(patsubst %/,%,$(1)))
$(eval tag := $(or $(2),$(DOCKER_REPOSITORY)/$(lastword $(subst /, ,$(path))):$(DOCKER_IMAGE_TAG)))
$(eval target := $(subst ",,$(subst ',,$(or $(3),$(DOCKER_BUILD_TARGET)))))
$(eval image_id := $(shell docker images -q $(tag) 2>/dev/null))
$(eval build_image := $(or $(filter $(DOCKER_BUILD_CACHE),false),$(if $(image_id),,true)))
$(if $(build_image),$(ECHO) docker build $(DOCKER_BUILD_ARGS) --build-arg DOCKER_BUILD_DIR="$(path)" --tag $(tag) $(if $(target),--target $(target)) -f $(path)/Dockerfile .,$(if $(filter $(VERBOSE),true),echo "docker image $(tag) has id $(image_id)",true))
$(eval build_image := $(or $(filter false,$(DOCKER_BUILD_CACHE)),$(if $(image_id),,true)))
$(if $(build_image),$(RUN) docker build $(DOCKER_BUILD_ARGS) --build-arg DOCKER_BUILD_DIR="$(path)" $(DOCKER_BUILD_LABEL) --tag $(tag) $(if $(target),--target $(target)) -f $(path)/Dockerfile .,$(call INFO,docker image $(tag) has id $(image_id)))
endef
# function docker-commit: Commit docker image
define docker-commit
$(call INFO,docker-commit,$(1)$(comma) $(2)$(comma) $(3)$(comma) $(4))
$(eval service := $(or $(1),$(DOCKER_SERVICE)))
$(eval container := $(or $(2),$(firstword $(shell $(call docker-compose,--log-level critical ps -q $(service))))))
$(eval repository := $(or $(3),$(DOCKER_REPOSITORY)/$(service)))
$(eval tag := $(or $(4),$(DOCKER_IMAGE_TAG)))
$(if $(filter $(VERBOSE),true),echo docker commit $(container) $(repository):$(tag))
$(ECHO) docker commit $(container) $(repository):$(tag)
$(RUN) docker commit $(container) $(repository):$(tag)
endef
# function docker-push: Push docker image
define docker-push
$(call INFO,docker-push,$(1)$(comma) $(2)$(comma) $(3))
$(eval service := $(or $(1),$(DOCKER_SERVICE)))
$(eval name := $(or $(2),$(DOCKER_REGISTRY_REPOSITORY)/$(service)))
$(eval tag := $(or $(3),$(DOCKER_IMAGE_TAG)))
$(if $(filter $(VERBOSE),true),echo docker push $(name):$(tag))
$(ECHO) docker push $(name):$(tag)
$(RUN) docker push $(name):$(tag)
endef
# function docker-stack: Call itself recursively for each stack to expand stacks
# docker-stack: if 1st arg is a variable and can be expand to values, it calls
@ -125,6 +117,7 @@ endef
# 1st arg: stacks, extract it from stack_names:stack_versions
# 2nd arg: versions, extract it from stack_names:stack_versions or 2nd arg
define docker-stack
$(call INFO,docker-stack,$(1)$(comma) $(2))
$(eval stacks := $(firstword $(subst :, ,$(1))))
$(eval versions := $(or $(if $(findstring :,$(1)),$(lastword $(subst :, ,$(1)))),$(2)))
$(if $($(stacks)),$(foreach substack,$($(stacks)),$(call docker-stack,$(substack),$(if $(findstring :,$(1)),$(versions)))),$(call docker-stack-update,$(stacks),$(versions)))
@ -140,20 +133,22 @@ endef
# add $(path)/$(name).yml, $(path)/$(name).$(ENV).yml and $(path)/$(name).$(version).yml to COMPOSE_FILE variable
# if $(path)/.env.dist file exists, update .env file
define docker-stack-update
$(call INFO,docker-stack-update,$(1)$(comma) $(2)$(comma) $(3))
$(eval stack := $(patsubst %.yml,%,$(notdir $(1))))
$(eval name := $(firstword $(subst :, ,$(stack))))
$(eval version := $(or $(2),$(if $(findstring :,$(stack)),$(lastword $(subst :, ,$(stack))),latest)))
$(eval path := $(patsubst %/,%,$(or $(3),$(if $(findstring /,$(1)),$(if $(wildcard stack/$(1) stack/$(1).yml),stack/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(1).yml),$(dir $(1)),$(1))),$(dir $(1)))),stack/$(name))))
$(eval COMPOSE_FILE += $(wildcard $(path)/$(name).yml $(path)/$(name).$(ENV).yml $(path)/$(name).$(ENV).$(version).yml $(path)/$(name).$(version).yml))
$(eval COMPOSE_FILE := $(strip $(COMPOSE_FILE)))
$(if $(wildcard $(path)/.env.dist),$(call .env,,$(path)/.env.dist,$(wildcard $(CONFIG)/$(ENV)/$(APP)/.env $(path)/.env.$(ENV) .env)))
endef
# function docker-tag: Tag docker image
define docker-tag
$(call INFO,docker-tag,$(1)$(comma) $(2)$(comma) $(3)$(comma) $(4)$(comma) $(5))
$(eval service := $(or $(1),$(DOCKER_SERVICE)))
$(eval source := $(or $(2),$(DOCKER_REPOSITORY)/$(service)))
$(eval source_tag := $(or $(3),$(DOCKER_IMAGE_TAG)))
$(eval target := $(or $(4),$(DOCKER_REGISTRY_REPOSITORY)/$(service)))
$(eval target_tag := $(or $(5),$(source_tag)))
$(if $(filter $(VERBOSE),true),echo docker tag $(source):$(source_tag) $(target):$(target_tag))
$(ECHO) docker tag $(source):$(source_tag) $(target):$(target_tag)
$(RUN) docker tag $(source):$(source_tag) $(target):$(target_tag)
endef

11
make/apps/def.install.mk
View File

@ -1,8 +1,9 @@
# function install-config: copy CONFIG files to application config folder
define install-config
$(eval path:=$(or $(1),$(APP)))
$(eval file:=$(or $(2),$(DOCKER_SERVICE)))
$(eval dest:=$(or $(3),config))
$(eval env:=$(or $(4),$(ENV)))
$(if $(wildcard $(dest)/$(file)),,$(if $(wildcard $(CONFIG)/$(env)/$(path)/$(file)),$(ECHO) cp -a $(CONFIG)/$(env)/$(path)/$(file) $(dest)))
$(call INFO,install-config,$(1)$(comma) $(2)$(comma) $(3)$(comma) $(4))
$(eval path:=$(or $(1),$(APP)))
$(eval file:=$(or $(2),$(DOCKER_SERVICE)))
$(eval dest:=$(or $(3),config))
$(eval env:=$(or $(4),$(ENV)))
$(if $(wildcard $(dest)/$(file)),,$(if $(wildcard $(CONFIG)/$(env)/$(path)/$(file)),$(RUN) cp -a $(CONFIG)/$(env)/$(path)/$(file) $(dest)))
endef

13
make/apps/def.mk
View File

@ -1,19 +1,24 @@
APP_DIR ?= $(CURDIR)
APP_DOMAIN ?= $(ENV)$(addprefix .,$(DOMAIN))
APP_ENV ?= $(USER_ENV)_$(APP)
APP_HOST ?= $(APP)$(addprefix .,$(APP_DOMAIN))
APP_INSTALLED ?= $(APPS)
APP_PARENT ?= $(MONOREPO)
APP_PARENT_DIR ?= $(MONOREPO_DIR)
APP_PATH ?= /$(APP_PATH_PREFIX)
APP_REPOSITORY ?= $(GIT_REPOSITORY)
APP_REQUIRED ?= $(APP_REPOSITORY)
APP_SCHEME ?= https
APP_UPSTREAM_REPOSITORY ?= $(or $(shell git config --get remote.upstream.url 2>/dev/null),$(GIT_UPSTREAM_REPOSITORY))
APP_URI ?= $(APP_HOST)$(APP_PATH)
APP_URL ?= $(APP_SCHEME)://$(APP_URI)
BUILD_ENV_VARS ?= APP BRANCH COMMIT DEPLOY_HOOK_URL ENV VERSION
CONTEXT_DEBUG += APP_DIR APP_DOMAIN APP_HOST APP_PATH APP_URL APP_REPOSITORY APP_UPSTREAM_REPOSITORY CONSUL_HTTP_TOKEN SERVICES
ENV_DEPLOY ?= $(shell ls .git/refs/heads/)
CONTEXT_DEBUG += APP_DIR APP_URL APP_REPOSITORY APP_UPSTREAM_REPOSITORY ENV_DEPLOY
ENV_DEPLOY ?= $(shell ls .git/refs/remotes/origin/ 2>/dev/null)
ENV_VARS += APP_DIR APP_DOMAIN APP_HOST APP_PATH APP_URL CONSUL_HTTP_TOKEN $(if $(filter true,$(MOUNT_NFS)),NFS_CONFIG)
MOUNT_NFS ?= false
NFS_CONFIG ?= addr=$(NFS_HOST),actimeo=3,intr,noacl,noatime,nocto,nodiratime,nolock,soft,rsize=32768,wsize=32768,tcp,rw,vers=3
NFS_HOST ?= host.docker.internal
SERVICES ?= $(eval DRYRUN_IGNORE := true) $(shell $(call docker-compose,--log-level critical config --services)) $(eval DRYRUN_IGNORE := false)
SERVICE_ENV ?= $(subst _,-,$(APP_ENV))
SERVICE_NAME ?= $(COMPOSE_SERVICE_NAME)
SERVICE_VERSION ?= $(BUILD_DATE)-$(VERSION)
SERVICES ?= $(DOCKER_SERVICES)

4
make/apps/deploy.mk
View File

@ -8,7 +8,7 @@
.PHONY: deploy@%
deploy@%: myos-base build@% ## Deploy application docker images
$(call make,docker-login docker-tag docker-push)
$(call make,myos-ansible-pull@$(ENV) ANSIBLE_DOCKER_IMAGE_TAG=$(VERSION) ANSIBLE_TAGS=aws,,APP AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY)
$(call make,myos-ansible-pull@$(ENV) ANSIBLE_DOCKER_IMAGE_TAG=$(VERSION) ANSIBLE_TAGS=aws AWS_ACCESS_KEY_ID=$(AWS_ACCESS_KEY_ID) AWS_SECRET_ACCESS_KEY=$(AWS_SECRET_ACCESS_KEY),,APP)
$(call make,docker-tag-latest docker-push-latest)
# target deploy-hook: Fire app-deploy deploy-hook-ping
@ -23,7 +23,7 @@ deploy-hook-ping: deploy-hook-ping-curl
# target deploy-hook-ping-curl: Post install hook to curl DEPLOY_HOOK_URL
.PHONY: deploy-hook-ping-curl
deploy-hook-ping-curl:
$(if $(DEPLOY_HOOK_URL),$(ECHO) curl -X POST --data-urlencode \
$(if $(DEPLOY_HOOK_URL),$(RUN) curl -X POST --data-urlencode \
'payload={"text": "$(DEPLOY_HOOK_TEXT)"}' \
$(DEPLOY_HOOK_URL) \
||: )

32
make/apps/docker.mk
View File

@ -27,7 +27,7 @@ docker-commit-%:
# target docker-compose-build: Fire docker-images-myos, Call docker-compose build SERVICE
.PHONY: docker-compose-build
docker-compose-build: docker-images-myos
$(call docker-compose,build $(if $(filter $(DOCKER_BUILD_NO_CACHE),true),--pull --no-cache) $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE)))
$(call docker-compose,build $(DOCKER_BUILD_ARGS) $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE)))
# target docker-compose-config: Call docker-compose config
.PHONY: docker-compose-config
@ -120,12 +120,12 @@ docker-images-rm:
# target docker-images-rm-%: Remove docker images matching %
.PHONY: docker-images-rm-%
docker-images-rm-%:
docker images |awk '$$1 ~ /^$(subst /,\/,$*)/ {print $$3}' |sort -u |while read image; do docker rmi -f $$image; done
docker images |awk '$$1 ~ /^$(subst /,\/,$*)/ {print $$3}' |sort -u |while read image; do $(RUN) docker rmi -f $$image; done
# target docker-login: Exec 'docker login'
.PHONY: docker-login
docker-login: myos-base
$(ECHO) docker login
$(RUN) docker login
# target docker-network-create: Fire docker-network-create-% for DOCKER_NETWORK
.PHONY: docker-network-create
@ -134,8 +134,9 @@ docker-network-create: docker-network-create-$(DOCKER_NETWORK)
# target docker-network-create-%: Exec 'docker network create %'
.PHONY: docker-network-create-%
docker-network-create-%:
[ -n "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ] \
|| { echo -n "Creating docker network $* ... " && $(ECHO) docker network create $* >/dev/null 2>&1 && echo "done" || echo "ERROR"; }
if [ -z "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \
$(RUN) docker network create $* >/dev/null \
&& $(call INFO,docker network $* created); fi \
# target docker-network-rm: Fire docker-network-rm-% for DOCKER_NETWORK
.PHONY: docker-network-rm
@ -144,14 +145,15 @@ docker-network-rm: docker-network-rm-$(DOCKER_NETWORK)
# target docker-network-rm-%: Remove docker network %
.PHONY: docker-network-rm-%
docker-network-rm-%:
[ -z "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ] \
|| { echo -n "Removing docker network $* ... " && $(ECHO) docker network rm $* >/dev/null 2>&1 && echo "done" || echo "ERROR"; }
if [ -n "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \
$(RUN) docker network rm $* >/dev/null \
&& $(call INFO,docker network $* removed); fi \
# target docker-plugin-install: Exec 'docker plugin install DOCKER_PLUGIN_OPTIONS DOCKER_PLUGIN'
.PHONY: docker-plugin-install
docker-plugin-install:
$(eval docker_plugin_state := $(shell docker plugin ls | awk '$$2 == "$(DOCKER_PLUGIN)" {print $$NF}') )
$(if $(docker_plugin_state),$(if $(filter $(docker_plugin_state),false),echo -n "Enabling docker plugin $(DOCKER_PLUGIN) ... " && $(ECHO) docker plugin enable $(DOCKER_PLUGIN) >/dev/null 2>&1 && echo "done" || echo "ERROR"),echo -n "Installing docker plugin $(DOCKER_PLUGIN) ... " && $(ECHO) docker plugin install $(DOCKER_PLUGIN_OPTIONS) $(DOCKER_PLUGIN) $(DOCKER_PLUGIN_ARGS) >/dev/null 2>&1 && echo "done" || echo "ERROR")
$(if $(docker_plugin_state),$(if $(filter $(docker_plugin_state),false),printf "Enabling docker plugin $(DOCKER_PLUGIN) ... " && $(RUN) docker plugin enable $(DOCKER_PLUGIN) >/dev/null 2>&1 && printf "done\n" || printf "ERROR\n"),printf "Installing docker plugin $(DOCKER_PLUGIN) ... " && $(RUN) docker plugin install $(DOCKER_PLUGIN_OPTIONS) $(DOCKER_PLUGIN) $(DOCKER_PLUGIN_ARGS) >/dev/null 2>&1 && printf "done\n" || printf "ERROR\n")
# target docker-push: Call docker-push for each SERVICES
.PHONY: docker-push
@ -159,7 +161,7 @@ docker-push:
ifneq ($(filter $(DEPLOY),true),)
$(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-push,$(service)))
else
printf "${COLOR_BROWN}WARNING${COLOR_RESET}: ${COLOR_GREEN}target${COLOR_RESET} $@ ${COLOR_GREEN}not enabled in${COLOR_RESET} $(APP).\n" >&2
$(call WARNING,disabled target,$@,$(APP))
endif
# target docker-push-%: Call docker-push with tag % for each SERVICES
@ -168,7 +170,7 @@ docker-push-%:
ifneq ($(filter $(DEPLOY),true),)
$(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-push,$(service),,$*))
else
printf "${COLOR_BROWN}WARNING${COLOR_RESET}: ${COLOR_GREEN}target${COLOR_RESET} $@ ${COLOR_GREEN}not enabled in${COLOR_RESET} $(APP).\n" >&2
$(call WARNING,disabled target,$@,$(APP))
endif
# target docker-rebuild: Call docker-build target with DOCKER_BUILD_CAHE=false
@ -188,7 +190,7 @@ docker-rm: docker-rm-$(COMPOSE_PROJECT_NAME)
# target docker-rm-%: Remove dockers matching %
.PHONY: docker-rm-%
docker-rm-%:
docker ps -a |awk '$$NF ~ /^$*/ {print $$NF}' |while read docker; do docker rm -f $$docker; done
docker ps -a |awk '$$NF ~ /^$*/ {print $$NF}' |while read docker; do $(RUN) docker rm -f $$docker; done
# target docker-run: Call docker-run-% target with ARGS for SERVICE
.PHONY: docker-run
@ -203,7 +205,7 @@ docker-run-%: docker-build-%
$(eval path := $(patsubst %/,%,$*))
$(eval image := $(DOCKER_REPOSITORY)/$(lastword $(subst /, ,$(path)))$(if $(findstring :,$*),,:$(DOCKER_IMAGE_TAG)))
$(eval image_id := $(shell docker images -q $(image) 2>/dev/null))
$(call docker-run,$(if $(image_id),$(image),$(path)),$(command))
$(call docker-run,$(command),$(if $(image_id),$(image),$(path)))
# target docker-tag: Call docker-tag for each SERVICES
.PHONY: docker-tag
@ -211,7 +213,7 @@ docker-tag:
ifneq ($(filter $(DEPLOY),true),)
$(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-tag,$(service)))
else
printf "${COLOR_BROWN}WARNING${COLOR_RESET}: ${COLOR_GREEN}target${COLOR_RESET} $@ ${COLOR_GREEN}not enabled in${COLOR_RESET} $(APP).\n" >&2
$(call WARNING,disabled target,$@,$(APP))
endif
# target docker-tag-%: Call docker-tag with target tag % for each SERVICES
@ -220,7 +222,7 @@ docker-tag-%:
ifneq ($(filter $(DEPLOY),true),)
$(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-tag,$(service),,,,$*))
else
printf "${COLOR_BROWN}WARNING${COLOR_RESET}: ${COLOR_GREEN}target${COLOR_RESET} $@ ${COLOR_GREEN}not enabled in${COLOR_RESET} $(APP).\n" >&2
$(call WARNING,disabled target,$@,$(APP))
endif
# target docker-volume-rm: Fire docker-volume-rm-% for COMPOSE_PROJECT_NAME
@ -230,4 +232,4 @@ docker-volume-rm: docker-volume-rm-$(COMPOSE_PROJECT_NAME)
# target docker-volume-rm-%: Remove docker volumes matching %
.PHONY: docker-volume-rm-%
docker-volume-rm-%:
docker volume ls |awk '$$2 ~ /^$*/ {print $$2}' |sort -u |while read volume; do docker volume rm $$volume; done
docker volume ls |awk '$$2 ~ /^$*/ {print $$2}' |sort -u |while read volume; do $(RUN) docker volume rm $$volume; done

74
make/apps/git.mk
View File

@ -4,65 +4,77 @@
# target git-branch-create-upstream-%: Create git BRANCH from upstream/% branch
.PHONY: git-branch-create-upstream-%
git-branch-create-upstream-%: myos-base update-upstream
$(call exec,git fetch --prune upstream)
$(call exec,git rev-parse --verify $(BRANCH) >/dev/null 2>&1 && echo Unable to create $(BRANCH). || git branch $(BRANCH) upstream/$*)
$(call exec,[ $$(git ls-remote --heads upstream $(BRANCH) |wc -l) -eq 0 ] && git push upstream $(BRANCH) || echo Unable to create branch $(BRANCH) on remote upstream.)
$(call exec,git checkout $(BRANCH))
$(RUN) $(call exec,git fetch --prune upstream)
$(call exec,git rev-parse --verify $(BRANCH) >/dev/null 2>&1) \
&& $(call WARNING,present branch,$(BRANCH)) \
|| $(RUN) $(call exec,git branch $(BRANCH) upstream/$*)
$(call exec,[ $$(git ls-remote --heads upstream $(BRANCH) |wc -l) -eq 0 ]) \
&& $(RUN) $(call exec,git push upstream $(BRANCH)) \
|| $(call WARNING,present branch,$(BRANCH),upstream)
$(RUN) $(call exec,git checkout $(BRANCH))
# target git-branch-delete: Delete git BRANCH
.PHONY: git-branch-delete
git-branch-delete: myos-base update-upstream
$(call exec,git rev-parse --verify $(BRANCH) >/dev/null 2>&1 && git branch -d $(BRANCH) || echo Unable to delete branch $(BRANCH).)
$(foreach remote,upstream, $(call exec,[ $$(git ls-remote --heads $(remote) $(BRANCH) |wc -l) -eq 1 ] && git push $(remote) :$(BRANCH) || echo Unable to delete branch $(BRANCH) on remote $(remote).) &&) true
$(call exec,git rev-parse --verify $(BRANCH) >/dev/null 2>&1) \
&& $(RUN) $(call exec,git branch -d $(BRANCH)) \
|| $(call WARNING,no branch,$(BRANCH))
$(foreach remote,upstream,$(call exec,[ $$(git ls-remote --heads $(remote) $(BRANCH) |wc -l) -eq 1 ]) \
&& $(RUN) $(call exec,git push $(remote) :$(BRANCH)) \
|| $(call WARNING,no branch,$(BRANCH),$(remote)) \
&&) true
# target git-branch-merge-upstream-%: Merge git BRANCH into upstream/% branch
.PHONY: git-branch-merge-upstream-%
git-branch-merge-upstream-%: myos-base update-upstream
$(call exec,git rev-parse --verify $(BRANCH) >/dev/null 2>&1)
$(call exec,git checkout $(BRANCH))
$(call exec,git pull --ff-only upstream $(BRANCH))
$(call exec,git push upstream $(BRANCH))
$(call exec,git checkout $*)
$(call exec,git pull --ff-only upstream $*)
$(call exec,git merge --no-ff --no-edit $(BRANCH))
$(call exec,git push upstream $*)
$(RUN) $(call exec,git rev-parse --verify $(BRANCH) >/dev/null 2>&1)
$(RUN) $(call exec,git checkout $(BRANCH))
$(RUN) $(call exec,git pull --ff-only upstream $(BRANCH))
$(RUN) $(call exec,git push upstream $(BRANCH))
$(RUN) $(call exec,git checkout $*)
$(RUN) $(call exec,git pull --ff-only upstream $*)
$(RUN) $(call exec,git merge --no-ff --no-edit $(BRANCH))
$(RUN) $(call exec,git push upstream $*)
# target git-stash: git stash
.PHONY: git-stash
git-stash: myos-base git-status
if [ ! $(STATUS) -eq 0 ]; then \
$(call exec,git stash); \
$(RUN) $(call exec,git stash); \
fi
# target git-status: Define STATUS with number of lines of git status
.PHONY: git-status
git-status: myos-base
$(eval DRYRUN_IGNORE := true)
$(eval STATUS := $(shell $(call exec,git status -uno --porcelain 2>/dev/null |wc -l)))
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := true)
$(eval STATUS := $(shell $(call exec,sh -c 'git status -uno --porcelain 2>/dev/null |wc -l')))
$(eval IGNORE_DRYRUN := false)
# target git-tag-create-upstream-%: Create git TAG to reference upstream/% branch
.PHONY: git-tag-create-upstream-%
git-tag-create-upstream-%: myos-base update-upstream
ifneq ($(words $(TAG)),0)
$(call exec,git checkout $*)
$(call exec,git pull --tags --prune upstream $*)
$(call sed,s/^##\? $(TAG).*/## $(TAG) - $(shell date +%Y-%m-%d)/,CHANGELOG.md)
$(call exec,[ $$(git diff CHANGELOG.md 2>/dev/null |wc -l) -eq 0 ] || git commit -m "$$(cat CHANGELOG.md |sed -n '\''/$(TAG)/,/^$$/{s/##\(.*\)/release\1\n/;p;}'\'')" CHANGELOG.md)
$(call exec,[ $$(git tag -l $(TAG) |wc -l) -eq 0 ] || git tag -d $(TAG))
$(call exec,git tag $(TAG))
$(call exec,[ $$(git ls-remote --tags upstream $(TAG) |wc -l) -eq 0 ] || git push upstream :refs/tags/$(TAG))
$(call exec,git push --tags upstream $*)
$(RUN) $(call exec,git checkout $*)
$(RUN) $(call exec,git pull --tags --prune upstream $*)
$(RUN) $(call sed,s/^##\? $(TAG).*/## $(TAG) - $(shell date +%Y-%m-%d)/,CHANGELOG.md)
$(call exec,[ $$(git diff CHANGELOG.md 2>/dev/null |wc -l) -eq 0 ]) \
|| $(RUN) $(call exec,git commit -m "$$(cat CHANGELOG.md |sed -n '/$(TAG)/,/^$$/{s/##\(.*\)/release\1\n/;p;}')" CHANGELOG.md)
$(call exec,[ $$(git tag -l $(TAG) |wc -l) -eq 0 ]) \
|| $(RUN) $(call exec,git tag -d $(TAG))
$(RUN) $(call exec,git tag $(TAG))
$(call exec,[ $$(git ls-remote --tags upstream $(TAG) |wc -l) -eq 0 ]) \
|| $(RUN) $(call exec,git push upstream :refs/tags/$(TAG))
$(RUN) $(call exec,git push --tags upstream $*)
endif
# target git-tag-merge-upstream-%: Merge git TAG into upstream/% branch
.PHONY: git-tag-merge-upstream-%
git-tag-merge-upstream-%: myos-base update-upstream
ifneq ($(words $(TAG)),0)
$(call exec,git fetch --tags -u --prune upstream $*:$*)
$(call exec,git checkout $*)
$(call exec,git merge --ff --no-edit $(TAG))
$(call exec,git push upstream $*)
$(RUN) $(call exec,git fetch --tags -u --prune upstream $*:$*)
$(RUN) $(call exec,git checkout $*)
$(RUN) $(call exec,git merge --ff --no-edit $(TAG))
$(RUN) $(call exec,git push upstream $*)
endif
# target git-unstash: git stash pop
@ -70,5 +82,5 @@ endif
git-unstash: myos-base
$(eval STATUS ?= 0)
if [ ! $(STATUS) -eq 0 ]; then \
$(call exec,git stash pop); \
$(RUN) $(call exec,git stash pop); \
fi

26
make/apps/install.mk
View File

@ -7,10 +7,14 @@
## it creates user % with password % and all privileges on database %
## it imports %.mysql.gz file in database %
.PHONY: install-mysql-database-%
install-mysql-database-%: myos-base
$(call exec,mysql -h mysql -u root -proot $* -e "use $*" >/dev/null 2>&1 || mysql -h mysql -u root -proot mysql -e "create database $* character set utf8 collate utf8_unicode_ci;")
$(call exec,mysql -h mysql -u $* -p$* $* -e "use $*" >/dev/null 2>&1 || mysql -h mysql -u root -proot mysql -e "grant all privileges on $*.* to '\''$*'\''@'\''%'\'' identified by '\''$*'\''; flush privileges;")
$(call exec,[ $$(mysql -h mysql -u $* -p$* $* -e "show tables" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.mysql.gz" ] && gzip -cd "${APP_DIR}/$*.mysql.gz" |mysql -h mysql -u root -proot $* || true)
install-mysql-database-%: $(if $(DOCKER_RUN),myos-base)
$(call exec,mysql -h mysql -u root -proot $* -e "use $*" >/dev/null 2>&1) \
|| $(RUN) $(call exec,mysql -h mysql -u root -proot mysql -e "create database $* character set utf8 collate utf8_unicode_ci;")
$(call exec,mysql -h mysql -u $* -p$* $* -e "use $*" >/dev/null 2>&1) \
|| $(RUN) $(call exec,mysql -h mysql -u root -proot mysql -e "grant all privileges on $*.* to '$*'@'%' identified by '$*'; flush privileges;")
$(call exec,sh -c '[ $$(mysql -h mysql -u $* -p$* $* -e "show tables" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.mysql.gz" ]') \
&& $(RUN) $(call exec,sh -c 'gzip -cd "${APP_DIR}/$*.mysql.gz" |mysql -h mysql -u root -proot $*') \
||:
# target install-pgsql-database-%: Import %.pgsql.gz to database %
# on local host
@ -19,10 +23,16 @@ install-mysql-database-%: myos-base
## it imports %.pgsql.gz file in database %
.PHONY: install-pgsql-database-%
install-pgsql-database-%: myos-base
$(call exec,PGPASSWORD=$* psql -h postgres -U $* template1 -c "\q" >/dev/null 2>&1 || PGPASSWORD=postgres psql -h postgres -U postgres -c "create user $* with createdb password '\''$*'\'';")
$(call exec,PGPASSWORD=$* psql -h postgres -U $* -d $* -c "" >/dev/null 2>&1 || PGPASSWORD=postgres psql -h postgres -U postgres -c "create database $* owner $* ;")
$(call exec,[ $$(PGPASSWORD=$* psql -h postgres -U $* -d $* -c "\d" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.pgsql.gz" ] && gzip -cd "${APP_DIR}/$*.pgsql.gz" |PGPASSWORD="postgres" psql -h postgres -U postgres -d $* || true)
$(call exec,[ $$(PGPASSWORD=$* psql -h postgres -U $* -d $* -c "\d" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.pgsql" ] && PGPASSWORD="postgres" psql -h postgres -U postgres -c "ALTER ROLE $* WITH SUPERUSER" && PGPASSWORD="postgres" pg_restore -h postgres --no-owner --role=$* -U postgres -d $* ${APP_DIR}/$*.pgsql && PGPASSWORD="postgres" psql -h postgres -U postgres -c "ALTER ROLE $* WITH NOSUPERUSER" || true)
$(call exec,PGPASSWORD=$* psql -h postgres -U $* template1 -c "\q" >/dev/null 2>&1) \
|| $(RUN) $(call exec,PGPASSWORD=postgres psql -h postgres -U postgres -c "create user $* with createdb password '$*';")
$(call exec,PGPASSWORD=$* psql -h postgres -U $* -d $* -c "" >/dev/null 2>&1) \
|| $(RUN) $(call exec,PGPASSWORD=postgres psql -h postgres -U postgres -c "create database $* owner $* ;")
$(call exec,[ $$(PGPASSWORD=$* psql -h postgres -U $* -d $* -c "\d" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.pgsql.gz" ]) \
&& $(RUN) $(call exec,sh -c 'gzip -cd "${APP_DIR}/$*.pgsql.gz" |PGPASSWORD="postgres" psql -h postgres -U postgres -d $*') \
||:
$(call exec,[ $$(PGPASSWORD=$* psql -h postgres -U $* -d $* -c "\d" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.pgsql" ]) \
&& $(RUN) $(call exec,sh -c 'PGPASSWORD="postgres" psql -h postgres -U postgres -c "ALTER ROLE $* WITH SUPERUSER" && PGPASSWORD="postgres" pg_restore -h postgres --no-owner --role=$* -U postgres -d $* ${APP_DIR}/$*.pgsql && PGPASSWORD="postgres" psql -h postgres -U postgres -c "ALTER ROLE $* WITH NOSUPERUSER"') \
||:
# target install-build-config: Call install-config with file * and dest build
.PHONY: install-build-config

12
make/apps/myos/def.ssh.mk
View File

@ -1,25 +1,27 @@
DOCKER_BUILD_VARS += $(SSH_ENV_VARS)
ENV_VARS += $(SSH_ENV_VARS)
SSH_BASTION_HOSTNAME ?=
SSH_BASTION_USERNAME ?=
SSH_BASTION_HOSTNAME ?=
SSH_BASTION_USERNAME ?=
SSH_ENV_VARS ?= SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PUBLIC_HOST_KEYS SSH_PRIVATE_IP_RANGE
SSH_PUBLIC_HOST_KEYS ?= $(SSH_REMOTE_HOSTS) $(SSH_BASTION_HOSTNAME)
SSH_PRIVATE_IP_RANGE ?= 10.10.*
SSH_PRIVATE_IP_RANGE ?=
SSH_REMOTE_HOSTS ?= github.com gitlab.com
# function ssh-connect: Exec command 2 on remote hosts 1 with tty
define ssh-connect
$(call INFO,ssh-connect,$(1)$(comma) $(2)$(comma) $(3))
$(eval hosts := $(1))
$(eval command := $(2))
$(eval user := $(or $(3),root))
$(eval DOCKER_EXEC_OPTIONS := -it)
$(foreach host,$(hosts),$(call exec,ssh -t -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $(user)@$(host) "$(command)") ||) true
$(foreach host,$(hosts),$(RUN) $(call exec,ssh -t -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $(user)@$(host) "$(command)") ||) true
endef
# function ssh-exec: Exec command 2 on remote hosts 1 without tty
define ssh-exec
$(call INFO,ssh-exec,$(1)$(comma) $(2)$(comma) $(3))
$(eval hosts := $(1))
$(eval command := $(2))
$(eval user := $(or $(3),root))
$(foreach host,$(hosts),$(call exec,ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $(user)@$(host) "$(command)") &&) true
$(foreach host,$(hosts),$(RUN) $(call exec,ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $(user)@$(host) "$(command)") &&) true
endef

53
make/apps/myos/ssh.mk
View File

@ -1,26 +1,59 @@
##
# SSH
# target get-PrivateIpAddress-%: Fire aws-ec2-get-instances-PrivateIpAddress-%
.PHONY: get-PrivateIpAddress-%
get-PrivateIpAddress-%: aws-ec2-get-instances-PrivateIpAddress-%;
# target ssh: Call ssh-connect ARGS or SHELL
.PHONY: ssh
ssh: get-PrivateIpAddress-$(SERVER_NAME) ## Connect to first remote host
ssh: ssh-get-PrivateIpAddress-$(SERVER_NAME) ## Connect to first remote host
$(call ssh-connect,$(AWS_INSTANCE_IP),$(if $(ARGS),$(ARGS),$(SHELL)))
# target ssh-add: Fire ssh-key and ssh-add file SSH_PRIVATE_KEYS in folder SSH_DIR
.PHONY: ssh-add
ssh-add: ssh-key
$(eval SSH_PRIVATE_KEYS := $(foreach file,$(SSH_DIR)/id_rsa $(filter-out $(wildcard $(SSH_DIR)/id_rsa),$(wildcard $(SSH_DIR)/*)),$(if $(shell grep "PRIVATE KEY" $(file) 2>/dev/null),$(notdir $(file)))))
$(call run,sh -c '$(foreach file,$(patsubst %,$(SSH_DIR)/%,$(SSH_PRIVATE_KEYS)),ssh-add -l |grep -qw $$(ssh-keygen -lf $(file) 2>/dev/null |awk '\''{print $$2}'\'') 2>/dev/null || $(RUN) ssh-add $(file) ||: &&) true',-v $(SSH_DIR):$(SSH_DIR) $(DOCKER_IMAGE_CLI) )
# target ssh-connect: Call ssh-connect make connect SERVICE
.PHONY: ssh-connect
ssh-connect: get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-connect,$(AWS_INSTANCE_IP),make connect $(if $(SERVICE),SERVICE=$(SERVICE)))
ssh-connect: ssh-get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-connect,$(AWS_INSTANCE_IP),make connect COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME) ENV=$(ENV) $(if $(SERVICE),SERVICE=$(SERVICE)))
# target ssh-del: ssh-add -d file SSH_PRIVATE_KEYS in folder SSH_DIR
.PHONY: ssh-del
ssh-del:
$(eval SSH_PRIVATE_KEYS := $(foreach file,$(SSH_DIR)/id_rsa $(filter-out $(wildcard $(SSH_DIR)/id_rsa),$(wildcard $(SSH_DIR)/*)),$(if $(shell grep "PRIVATE KEY" $(file) 2>/dev/null),$(notdir $(file)))))
$(call run,sh -c '$(foreach file,$(patsubst %,$(SSH_DIR)/%,$(SSH_PRIVATE_KEYS)),ssh-add -l |grep -qw $$(ssh-keygen -lf $(file) 2>/dev/null |awk '\''{print $$2}'\'') 2>/dev/null && $(RUN) ssh-add -d $(file) ||: &&) true',-v $(SSH_DIR):$(SSH_DIR) $(DOCKER_IMAGE_CLI) )
# target ssh-exec: Call ssh-exec make exec SERVICE ARGS
.PHONY: ssh-exec
ssh-exec: get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-exec,$(AWS_INSTANCE_IP),make exec $(if $(SERVICE),SERVICE=$(SERVICE)) $(if $(ARGS),ARGS='\''"$(ARGS)"'\''))
ssh-exec: ssh-get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-exec,$(AWS_INSTANCE_IP),make exec COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME) ENV=$(ENV) $(if $(SERVICE),SERVICE=$(SERVICE)) $(if $(ARGS),ARGS='\''"$(ARGS)"'\''))
# target ssh-get-PrivateIpAddress-%: Fire aws-ec2-get-instances-PrivateIpAddress-%
.PHONY: ssh-get-PrivateIpAddress-%
ssh-get-PrivateIpAddress-%: aws-ec2-get-instances-PrivateIpAddress-%;
# target ssh-key: Add ssh private key SSH_KEY to SSH_DIR
.PHONY: ssh-key
ssh-key: $(if $(DOCKER_RUN),stack-base-up)
ifneq (,$(filter true,$(DRONE)))
$(call exec,sh -c '[ ! -d $(SSH_DIR) ] && mkdir -p $(SSH_DIR) && chown $(UID) $(SSH_DIR) && chmod 0700 $(SSH_DIR) ||:')
endif
$(if $(SSH_KEY),$(eval export SSH_KEY ?= $(SSH_KEY)) $(call env-run,sh -c 'printf "$$SSH_KEY\n" > $(SSH_DIR)/$(COMPOSE_PROJECT_NAME)_id_rsa && chmod 0600 $(SSH_DIR)/$(COMPOSE_PROJECT_NAME)_id_rsa && chown $(UID) $(SSH_DIR)/$(COMPOSE_PROJECT_NAME)_id_rsa ||:'))
# target ssh-run: Call ssh-run make run SERVICE ARGS
.PHONY: ssh-run
ssh-run: get-PrivateIpAddress-$(SERVER_NAME)
ssh-run: ssh-get-PrivateIpAddress-$(SERVER_NAME)
$(call ssh-exec,$(AWS_INSTANCE_IP),make run $(if $(SERVICE),SERVICE=$(SERVICE)) $(if $(ARGS),ARGS='\''"$(ARGS)"'\''))
# target ssl-certs: Create ${DOMAIN}.key.pem and ${DOMAIN}.crt.pem files
.PHONY: ssl-certs
ssl-certs:
docker run --rm --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine sh -c "\
apk --no-cache add openssl \
&& { [ -f /certs/${DOMAIN}.key.pem ] || openssl genrsa -out /certs/${DOMAIN}.key.pem 2048; } \
&& openssl req -key /certs/${DOMAIN}.key.pem -out /certs/${DOMAIN}.crt.pem \
-addext extendedKeyUsage=serverAuth \
-addext subjectAltName=DNS:${DOMAIN} \
-subj \"/C=/ST=/L=/O=/CN=${DOMAIN}\" \
-x509 -days 365"

4
make/apps/release.mk
View File

@ -34,7 +34,7 @@ release-finish: release-check git-stash
# target release-update: Update RELEASE with RELEASE_VERSION in .env
.PHONY: release-update
release-update:
$(ECHO) awk -v s=RELEASE=$(RELEASE_VERSION) '/^RELEASE=/{$$0=s;f=1} {a[++n]=$$0} END{if(!f)a[++n]=s;for(i=1;i<=n;i++)print a[i]>ARGV[1]}' .env
$(RUN) awk -v s=RELEASE=$(RELEASE_VERSION) '/^RELEASE=/{$$0=s;f=1} {a[++n]=$$0} END{if(!f)a[++n]=s;for(i=1;i<=n;i++)print a[i]>ARGV[1]}' .env
# target release-upgrade: Run migration targets to upgrade specific releases
.PHONY: release-upgrade
@ -43,4 +43,4 @@ release-upgrade: $(patsubst %,release-upgrade-from-%,$(RELEASE_UPGRADE)) release
# target release-upgrade-from-%: Sample of catch-all release migration target
.PHONY: release-upgrade-from-%
release-upgrade-from-%:
echo "Upgrading from release: $*"
printf "Upgrading from release: $*\n"

7
make/apps/setup.mk
View File

@ -4,7 +4,7 @@
.PHONY: setup-sysctl
setup-sysctl:
ifeq ($(SETUP_SYSCTL),true)
$(foreach config,$(SETUP_SYSCTL_CONFIG),$(call docker-run,--privileged alpine:latest,sysctl -q -w $(config)) &&) true
$(foreach config,$(SETUP_SYSCTL_CONFIG),$(call docker-run,sysctl -q -w $(config),--privileged alpine) &&) true
endif
.PHONY: setup-nfsd
@ -16,11 +16,12 @@ endif
endif
define setup-nfsd-osx
$(call INFO,setup-nfsd-osx,$(1)$(comma) $(2)$(comma) $(3))
$(eval dir:=$(or $(1),$(MONOREPO_DIR)))
$(eval uid:=$(or $(2),$(UID)))
$(eval gid:=$(or $(3),$(GID)))
grep "$(dir)" /etc/exports >/dev/null 2>&1 || echo "$(dir) -alldirs -mapall=$(uid):$(gid) localhost" |sudo tee -a /etc/exports >/dev/null
$(foreach config,$(SETUP_NFSD_OSX_CONFIG),grep "$(config)" /etc/nfs.conf >/dev/null 2>&1 || echo "$(config)" |sudo tee -a /etc/nfs.conf >/dev/null &&) true
grep "$(dir)" /etc/exports >/dev/null 2>&1 || printf "$(dir) -alldirs -mapall=$(uid):$(gid) localhost\n" |sudo tee -a /etc/exports >/dev/null
$(foreach config,$(SETUP_NFSD_OSX_CONFIG),grep "$(config)" /etc/nfs.conf >/dev/null 2>&1 || printf "$(config)\n" |sudo tee -a /etc/nfs.conf >/dev/null &&) true
nfsd status >/dev/null || sudo nfsd enable
showmount -e localhost |grep "$(dir)" >/dev/null 2>&1 || sudo nfsd restart
endef

26
make/common.mk
View File

@ -7,13 +7,6 @@ $(APP): APP_DIR := $(RELATIVE)$(APP)
$(APP): myos-base
$(call update-app)
# target $(CONFIG): Update config files
.PHONY: $(CONFIG)
$(CONFIG): SSH_PUBLIC_HOST_KEYS := $(CONFIG_REMOTE_HOST) $(SSH_BASTION_HOSTNAME) $(SSH_REMOTE_HOSTS)
$(CONFIG): MAKE_VARS += SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PRIVATE_IP_RANGE SSH_PUBLIC_HOST_KEYS
$(CONFIG): myos-base
$(call update-app,$(CONFIG_REPOSITORY),$(CONFIG))
# target install-app install-apps: Call install-app for each ARGS
.PHONY: install-app install-apps
install-app install-apps: myos-base install-app-required
@ -26,7 +19,7 @@ install-app-required: myos-base
# target $(SHARED): Create SHARED folder
$(SHARED):
$(ECHO) mkdir -p $(SHARED)
$(RUN) mkdir -p $(SHARED)
# target update-apps: Call update-app target for each APPS
.PHONY: update-apps
@ -41,9 +34,12 @@ update-app: update-app-$(APP_NAME) ;
.PHONY: update-app-%
update-app-%: % ;
# target update-config: Fire CONFIG
# target update-config: Update config files
.PHONY: update-config
update-config: $(CONFIG)
update-config: SSH_PUBLIC_HOST_KEYS := $(CONFIG_REMOTE_HOST) $(SSH_BASTION_HOSTNAME) $(SSH_REMOTE_HOSTS)
update-config: MAKE_VARS += SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PRIVATE_IP_RANGE SSH_PUBLIC_HOST_KEYS
update-config: myos-base
$(call update-app,$(CONFIG_REPOSITORY),$(CONFIG))
# target update-hosts: Update /etc/hosts
# on local host
@ -51,27 +47,27 @@ update-config: $(CONFIG)
.PHONY: update-hosts
update-hosts:
ifneq (,$(filter $(ENV),local))
cat */.env 2>/dev/null |grep -Eo 'urlprefix-[^/]+' |sed 's/urlprefix-//' |while read host; do grep $$host /etc/hosts >/dev/null 2>&1 || { echo "Adding $$host to /etc/hosts"; echo 127.0.0.1 $$host |$(ECHO) sudo tee -a /etc/hosts >/dev/null; }; done
cat .env */.env 2>/dev/null |grep -Eo 'urlprefix-[^/]+' |sed 's/urlprefix-//' |while read host; do grep $$host /etc/hosts >/dev/null 2>&1 || { printf "Adding $$host to /etc/hosts\n"; printf "127.0.0.1 $$host\n" |$(RUN) sudo tee -a /etc/hosts >/dev/null; }; done
endif
# target update-remote-%: fetch git remote %
.PHONY: update-remote-%
update-remote-%: myos-base
$(call exec,git fetch --prune --tags $*)
$(RUN) $(call exec,git fetch --prune --tags $*)
# target update-remotes: fetch all git remotes
.PHONY: update-remotes
update-remotes: myos-base
$(call exec,git fetch --all --prune --tags)
$(RUN) $(call exec,git fetch --all --prune --tags)
# target update-upstream: fetch git remote upstream
.PHONY: update-upstream
update-upstream: myos-base .git/refs/remotes/upstream/master
$(call exec,git fetch --prune --tags upstream)
$(RUN) $(call exec,git fetch --prune --tags upstream)
# target .git/refs/remotes/upstream/master: git add upstream APP_UPSTREAM_REPOSITORY
.git/refs/remotes/upstream/master:
$(ECHO) git remote add upstream $(APP_UPSTREAM_REPOSITORY) 2>/dev/null ||:
$(RUN) git remote add upstream $(APP_UPSTREAM_REPOSITORY) 2>/dev/null ||:
# target shared: Fire SHARED
.PHONY: update-shared

7
make/debug.mk
View File

@ -4,8 +4,13 @@
# target debug: Print more informations
.PHONY: debug
debug:
$(MAKE) doc help DEBUG=true
$(MAKE) doc help profile DEBUG=true
# target debug-%: Print value of %
.PHONY: debug-%
debug-%: context-% ;
# target profile: Print timing informations
.PHONY: profile
profile: context-ELAPSED_TIME

74
make/def.docker.mk
View File

@ -1,6 +1,6 @@
COMPOSE_VERSION ?= 1.24.1
COMPOSE_PROJECT_NAME_MYOS ?= $(USER)_$(ENV)_myos
COMPOSE_PROJECT_NAME_MYOS ?= $(USER_ENV)_myos
COMPOSE_PROJECT_NAME_NODE ?= node
COMPOSE_VERSION ?= 1.29.2
DOCKER_ENV ?= $(env.docker)
DOCKER_EXEC_OPTIONS ?=
DOCKER_IMAGE ?= $(DOCKER_IMAGE_CLI)
@ -10,15 +10,16 @@ DOCKER_NAME ?= $(DOCKER_NAME_CLI)
DOCKER_NAME_CLI ?= $(COMPOSE_PROJECT_NAME_MYOS)_cli
DOCKER_NAME_SSH ?= $(COMPOSE_PROJECT_NAME_MYOS)_ssh
DOCKER_NETWORK ?= $(DOCKER_NETWORK_PRIVATE)
DOCKER_NETWORK_PRIVATE ?= $(ENV)
DOCKER_NETWORK_PRIVATE ?= $(USER_ENV)
DOCKER_NETWORK_PUBLIC ?= node
DOCKER_REPOSITORY_MYOS ?= $(subst _,/,$(COMPOSE_PROJECT_NAME_MYOS))
DOCKER_REPOSITORY_NODE ?= $(subst _,/,$(COMPOSE_PROJECT_NAME_NODE))
# DOCKER_RUN_OPTIONS: default options to `docker run` command
DOCKER_RUN_OPTIONS ?= --rm -it
# DOCKER_RUN_VOLUME: options to `docker run` command to mount additionnal volumes
DOCKER_RUN_VOLUME ?= -v $$PWD:$$PWD
DOCKER_RUN_WORKDIR ?= -w $$PWD
DOCKER_RUN ?= $(filter true,$(DOCKER))
# DOCKER_RUN_OPTIONS: default options of `docker run` command
DOCKER_RUN_OPTIONS += --rm -it
# DOCKER_RUN_VOLUME: options -v of `docker run` command to mount additionnal volumes
DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock
DOCKER_RUN_WORKDIR ?= -w $(PWD)
DOCKER_VOLUME_SSH ?= $(COMPOSE_PROJECT_NAME_MYOS)_ssh
ENV_VARS += DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_REPOSITORY_MYOS DOCKER_REPOSITORY_NODE DOCKER_VOLUME_SSH
@ -27,58 +28,79 @@ DOCKER_RUN_OPTIONS := --rm --network $(DOCKER_NETWORK)
# When running docker command in drone, we are already in a docker (dind).
# Whe need to find the volume mounted in the current docker (runned by drone) to mount it in our docker command.
# If we do not mount the volume in our docker, we wont be able to access the files in this volume as the /drone/src directory would be empty.
DOCKER_RUN_VOLUME := -v /var/run/docker.sock:/var/run/docker.sock -v $$(docker inspect $$(basename $$(cat /proc/1/cpuset)) 2>/dev/null |awk 'BEGIN {FS=":"} $$0 ~ /"drone-[a-zA-Z0-9]*:\/drone"$$/ {gsub(/^[ \t\r\n]*"/,"",$$1); print $$1; exit}'):/drone $(if $(wildcard /root/.netrc),-v /root/.netrc:/root/.netrc)
DOCKER_RUN_VOLUME += -v $$(docker inspect $$(basename $$(cat /proc/1/cpuset)) 2>/dev/null |awk 'BEGIN {FS=":"} $$0 ~ /"drone-[a-zA-Z0-9]*:\/drone"$$/ {gsub(/^[ \t\r\n]*"/,"",$$1); print $$1; exit}'):/drone $(if $(wildcard /root/.netrc),-v /root/.netrc:/root/.netrc)
else
DOCKER_RUN_VOLUME := -v /var/run/docker.sock:/var/run/docker.sock -v $(or $(MONOREPO_DIR),$(APP_DIR)):$(or $(WORKSPACE_DIR),$(MONOREPO_DIR),$(APP_DIR))
DOCKER_RUN_VOLUME += -v $(or $(APP_PARENT_DIR),$(APP_DIR),$(PWD)):$(or $(WORKSPACE_DIR),$(APP_PARENT_DIR),$(APP_DIR),$(PWD))
endif
ifeq ($(DOCKER), true)
DOCKER_SSH_AUTH := -e SSH_AUTH_SOCK=/tmp/ssh-agent/socket -v $(DOCKER_VOLUME_SSH):/tmp/ssh-agent
# function docker-run: Run new DOCKER_IMAGE:DOCKER_IMAGE_TAG docker with arg 2
# function docker-run: Run docker image 2 with arg 1
define docker-run
$(call run,$(or $(1),$(DOCKER_IMAGE):$(DOCKER_IMAGE_TAG)) $(2))
$(call INFO,docker-run,$(1)$(comma) $(2))
$(call run,$(or $(2),$(DOCKER_IMAGE)) $(1))
endef
ifeq ($(DRONE), true)
# function exec: Run new DOCKER_IMAGE docker with arg 1
# function exec DRONE=true: Run DOCKER_IMAGE with arg 1
define exec
$(call run,$(DOCKER_SSH_AUTH) $(DOCKER_IMAGE) sh -c '$(or $(1),$(SHELL))')
$(call INFO,exec,$(1))
$(call run,$(DOCKER_IMAGE) $(or $(1),$(SHELL)))
endef
else
# function exec: Exec arg 1 in docker DOCKER_NAME
define exec
$(ECHO) docker exec $(DOCKER_EXEC_OPTIONS) $(DOCKER_ENV) $(DOCKER_RUN_WORKDIR) $(DOCKER_NAME) sh -c '$(or $(1),$(SHELL))'
$(call INFO,exec,$(1))
$(RUN) docker exec $(DOCKER_ENV) $(DOCKER_EXEC_OPTIONS) $(DOCKER_RUN_WORKDIR) $(DOCKER_NAME) $(or $(1),$(SHELL))
endef
endif
# function run: Pass arg 1 to docker run
# function run: Run docker run with arg 1 and docker repository 2
## attention: arg 2 should end with slash or space
define run
$(ECHO) docker run $(DOCKER_RUN_OPTIONS) $(DOCKER_ENV) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(1)
$(call INFO,run,$(1)$(comma) $(2))
$(RUN) docker run $(DOCKER_ENV) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_SSH_AUTH) $(2)$(1)
endef
else
SHELL := /bin/bash
# function docker-run: Run new DOCKER_IMAGE:DOCKER_IMAGE_TAG docker with arg 2
# function docker-run DOCKER=false: Run docker image 2 with arg 1
define docker-run
$(ECHO) docker run $(DOCKER_RUN_OPTIONS) $(DOCKER_ENV) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(or $(1),$(DOCKER_IMAGE):$(DOCKER_IMAGE_TAG)) $(2)
$(call INFO,docker-run,$(1)$(comma) $(2))
$(RUN) docker run $(DOCKER_ENV) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(or $(2),$(DOCKER_IMAGE)) $(1)
endef
# function exec: Call run with arg 1
# function exec DOCKER=false: Call env-exec with arg 1 or SHELL
define exec
$(call run,sh -c '$(or $(1),$(SHELL))')
$(call INFO,exec,$(1))
$(call env-exec,$(or $(1),$(SHELL)))
endef
# function run: Exec arg 1
# function run DOCKER=false: Call env-run with arg 1
define run
IFS=$$'\n'; env $(env_reset) $(env) $(1)
$(call INFO,run,$(1))
$(call env-run,$(1))
endef
endif
# function docker-volume-copy: Copy files from a docker volume to another
define docker-volume-copy
$(call INFO,docker-volume-copy,$(1)$(comma) $(2))
$(eval from := $(1))
$(eval to := $(2))
$(ECHO) docker volume inspect $(from) >/dev/null
$(ECHO) docker volume inspect $(to) >/dev/null 2>&1 || $(ECHO) docker volume create $(to) >/dev/null
$(ECHO) docker run --rm -v $(from):/from -v $(to):/to alpine ash -c "cd /from; cp -a . /to"
$(RUN) docker volume inspect $(from) >/dev/null
$(RUN) docker volume inspect $(to) >/dev/null 2>&1 || $(RUN) docker volume create $(to) >/dev/null
$(RUN) docker run --rm -v $(from):/from -v $(to):/to alpine ash -c "cd /from; cp -a . /to"
endef
# function env-run: Call env-exec with arg 1
define env-run
$(call INFO,env-run,$(1))
$(call env-exec,$(or $(1),$(SHELL)))
endef
# function env-exec: Exec arg 1 with custom env
define env-exec
$(call INFO,env-exec,$(1))
IFS=$$'\n'; env $(env_reset) $(env) $(1)
endef

137
make/def.mk
View File

@ -1,7 +1,11 @@
.DEFAULT_GOAL := help
.PHONY: FORCE
comma ?= ,
dollar ?= $
dquote ?= "
quote ?= '
lbracket ?= (
rbracket ?= )
APP ?= $(if $(wildcard .git),$(notdir $(CURDIR)))
APP_NAME ?= $(APP)
APP_TYPE ?= $(if $(SUBREPO),subrepo) $(if $(filter .,$(MYOS)),myos)
@ -9,35 +13,50 @@ APPS ?= $(if $(MONOREPO),$(sort $(patsubst $(MONOREPO
APPS_NAME ?= $(foreach app,$(APPS),$(or $(shell awk -F '=' '$$1 == "APP" {print $$2}' $(or $(wildcard $(MONOREPO_DIR)/$(app)/.env),$(wildcard $(MONOREPO_DIR)/$(app)/.env.$(ENV)),$(MONOREPO_DIR)/$(app)/.env.dist) 2>/dev/null),$(app)))
BRANCH ?= $(GIT_BRANCH)
CMDS ?= exec exec:% exec@% install-app install-apps run run:% run@%
COLOR_INFO ?= $(COLOR_BROWN)
COLOR_HIGHLIGHT ?= $(COLOR_GREEN)
COLOR_VALUE ?= $(COLOR_CYAN)
COLOR_WARNING ?= $(COLOR_YELLOW)
COLOR_RESET ?= \033[0m
COLOR_DGRAY ?= \033[30m
COLOR_RED ?= \033[31m
COLOR_GREEN ?= \033[32m
COLOR_BROWN ?= \033[33m
COLOR_YELLOW ?= \033[01;33m
COLOR_BLUE ?= \033[01;34m
COLOR_CYAN ?= \033[36m
COLOR_GRAY ?= \033[37m
COMMIT ?= $(or $(SUBREPO_COMMIT),$(GIT_COMMIT))
CONFIG ?= $(RELATIVE)config
CONFIG_REPOSITORY ?= $(call pop,$(or $(APP_UPSTREAM_REPOSITORY),$(GIT_UPSTREAM_REPOSITORY)))/$(notdir $(CONFIG))
CONTEXT ?= $(if $(APP),APP BRANCH VERSION) $(shell awk 'BEGIN {FS="="}; $$1 !~ /^(\#|$$)/ {print $$1}' .env.dist 2>/dev/null)
CONTEXT_DEBUG ?= MAKEFILE_LIST env APPS GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME LOG_LEVEL MAKE_DIR MAKE_SUBDIRS MAKE_CMD_ARGS MAKE_ENV_ARGS MONOREPO_DIR UID USER
DEBUG ?= false
DOCKER ?= true
CONTEXT ?= $(if $(APP),APP BRANCH DOMAIN VERSION) $(shell awk 'BEGIN {FS="="}; $$1 !~ /^(\#|$$)/ {print $$1}' .env.dist 2>/dev/null)
CONTEXT_DEBUG ?= MAKEFILE_LIST env env.docker APPS GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME MAKE_DIR MAKE_SUBDIRS MAKE_CMD_ARGS MAKE_ENV_ARGS UID USER
DEBUG ?=
DOCKER ?= $(if $(BUILD),false,true)
DOMAIN ?= localhost
DRONE ?= false
DRYRUN ?= false
DRYRUN_IGNORE ?= false
DRYRUN_RECURSIVE ?= false
ENV ?= dist
ENV_FILE ?= $(wildcard $(CONFIG)/$(ENV)/$(APP)/.env) .env
ENV_LIST ?= debug local tests release master #TODO: staging develop
ELAPSED_TIME = $(shell $(call TIME))
ENV ?= local
ENV_FILE ?= $(wildcard $(CONFIG)/$(ENV)/$(APP)/.env .env)
ENV_LIST ?= $(shell ls .git/refs/heads/ 2>/dev/null)
ENV_RESET ?= false
ENV_VARS ?= APP BRANCH ENV HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME MONOREPO MONOREPO_DIR TAG UID USER VERSION
ENV_VARS ?= APP BRANCH DOMAIN ENV HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME MONOREPO MONOREPO_DIR TAG UID USER VERSION
GID ?= $(shell id -g 2>/dev/null)
GIT_AUTHOR_EMAIL ?= $(shell git config user.email 2>/dev/null)
GIT_AUTHOR_NAME ?= $(shell git config user.name 2>/dev/null)
GIT_AUTHOR_EMAIL ?= $(or $(shell git config user.email 2>/dev/null),$(USER)@my.os)
GIT_AUTHOR_NAME ?= $(or $(shell git config user.name 2>/dev/null),$(USER))
GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)
GIT_COMMIT ?= $(shell git rev-parse $(BRANCH) 2>/dev/null)
GIT_REPOSITORY ?= $(if $(SUBREPO),$(shell awk -F ' = ' '$$1 ~ /^[[\s\t]]*remote$$/ {print $$2}' .gitrepo 2>/dev/null),$(shell git config --get remote.origin.url 2>/dev/null))
GIT_TAG ?= $(shell git tag -l --points-at $(BRANCH) 2>/dev/null)
GIT_UPSTREAM_REPOSITORY ?= $(if $(findstring ://,$(GIT_REPOSITORY)),$(call pop,$(call pop,$(GIT_REPOSITORY)))/,$(call pop,$(GIT_REPOSITORY),:):)$(GIT_UPSTREAM_USER)/$(lastword $(subst /, ,$(GIT_REPOSITORY)))
GIT_UPSTREAM_USER ?= $(or $(MONOREPO),$(USER))
GIT_UPSTREAM_USER ?= $(lastword $(subst /, ,$(call pop,$(MYOS_REPOSITORY))))
GIT_VERSION ?= $(shell git describe --tags $(BRANCH) 2>/dev/null || git rev-parse $(BRANCH) 2>/dev/null)
HOSTNAME ?= $(shell hostname 2>/dev/null |sed 's/\..*//')
LOG_LEVEL ?= $(if $(filter false,$(VERBOSE)),error,$(if $(filter true,$(DEBUG)),debug))
IGNORE_DRYRUN ?= false
IGNORE_VERBOSE ?= false
LOG_LEVEL ?= $(if $(DEBUG),debug,$(if $(VERBOSE),info,error))
MAKE_ARGS ?= $(foreach var,$(MAKE_VARS),$(if $($(var)),$(var)='$($(var))'))
MAKE_SUBDIRS ?= $(if $(filter myos,$(MYOS)),monorepo,$(if $(APP),apps $(foreach type,$(APP_TYPE),$(if $(wildcard $(MAKE_DIR)/apps/$(type)),apps/$(type)))))
MAKE_CMD_ARGS ?= $(foreach var,$(MAKE_CMD_VARS),$(var)='$($(var))')
@ -48,12 +67,15 @@ MAKE_FILE_ARGS ?= $(foreach var,$(filter $(ENV_VARS),$(MAKE_FIL
MAKE_FILE_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLES,$(.VARIABLES)), $(if $(filter file,$(origin $(var))),$(var))))
MAKE_OLDFILE ?= $@
MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$\#\/\t=]*:([^=]|$$)/ {print $$1}' |sort -u))
MAKE_UNIXTIME ?= $(shell date +%s 2>/dev/null)
MAKE_UNIXTIME_START := $(shell date -u +'%s' 2>/dev/null)
MAKE_UNIXTIME_CURRENT = $(shell date -u "+%s" 2>/dev/null)
MAKE_VARS ?= ENV
MONOREPO ?= $(if $(filter myos,$(MYOS)),$(notdir $(CURDIR)),$(if $(APP),$(notdir $(realpath $(CURDIR)/..))))
MONOREPO_DIR ?= $(if $(MONOREPO),$(if $(filter myos,$(MYOS)),$(realpath $(CURDIR)),$(if $(APP),$(realpath $(CURDIR)/..))))
MYOS ?= $(if $(filter $(MAKE_DIR),$(call pop,$(MAKE_DIR))),.,$(call pop,$(MAKE_DIR)))
QUIET ?= $(if $(filter false,$(VERBOSE)),--quiet)
MYOS_COMMIT ?= $(shell GIT_DIR=$(MYOS)/.git git rev-parse head 2>/dev/null)
MYOS_REPOSITORY ?= $(shell GIT_DIR=$(MYOS)/.git git config --get remote.origin.url 2>/dev/null)
QUIET ?= $(if $(VERBOSE),,--quiet)
RECURSIVE ?= true
RELATIVE ?= $(if $(filter myos,$(MYOS)),./,../)
SHARED ?= $(RELATIVE)shared
@ -62,7 +84,8 @@ SUBREPO ?= $(if $(wildcard .gitrepo),$(notdir $(CURDIR))
TAG ?= $(GIT_TAG)
UID ?= $(shell id -u 2>/dev/null)
USER ?= $(shell id -nu 2>/dev/null)
VERBOSE ?= false
USER_ENV ?= $(USER)_$(ENV)
VERBOSE ?= $(if $(DEBUG),true)
VERSION ?= $(GIT_VERSION)
ifeq ($(DOCKER), true)
@ -71,13 +94,14 @@ else
ENV_ARGS = $(env.args) $(env.dist)
endif
ifneq ($(DEBUG),true)
.SILENT:
else
ifneq ($(DEBUG),)
CONTEXT += $(CONTEXT_DEBUG)
else
.SILENT:
endif
ifeq ($(DRYRUN),true)
ECHO = $(if $(filter $(DRYRUN_IGNORE),true),,printf '${COLOR_BROWN}$(APP)${COLOR_RESET}[${COLOR_GREEN}$(MAKELEVEL)${COLOR_RESET}] ${COLOR_BLUE}$@${COLOR_RESET}:${COLOR_RESET} '; echo)
RUN = $(if $(filter-out true,$(IGNORE_DRYRUN)),echo)
ifeq ($(RECURSIVE), true)
DRYRUN_RECURSIVE := true
endif
@ -110,6 +134,7 @@ endif
# function conf: Extract variable=value line from configuration files
## it prints the line with variable 3 definition from block 2 in file 1
define conf
$(call INFO,conf,$(1)$(comma) $(2)$(comma) $(3))
$(eval file := $(1))
$(eval block := $(2))
$(eval variable := $(3))
@ -138,11 +163,40 @@ endef
# macro force: Run command 1 sine die
## it starts command 1 if it is not already running
## it returns never
force = $$(while true; do [ $$(ps x |awk 'BEGIN {nargs=split("'"$$*"'",args)} $$field == args[1] { matched=1; for (i=1;i<=NF-field;i++) { if ($$(i+field) == args[i+1]) {matched++} } if (matched == nargs) {found++} } END {print found+0}' field=4) -eq 0 ] && $(ECHO) $(1) || sleep 1; done)
force = $$(while true; do [ $$(ps x |awk 'BEGIN {nargs=split("'"$$*"'",args)} $$field == args[1] { matched=1; for (i=1;i<=NF-field;i++) { if ($$(i+field) == args[i+1]) {matched++} } if (matched == nargs) {found++} } END {print found+0}' field=4) -eq 0 ] && $(RUN) $(1) || sleep 1; done)
# macro gid: Return GID of group 1
gid = $(shell grep '^$(1):' /etc/group 2>/dev/null |awk -F: '{print $$3}')
INFO_FD := 2
# macro INFO: customized info
INFO = \
$(if $(VERBOSE),$(if $(filter-out true,$(IGNORE_VERBOSE)), \
printf '${COLOR_INFO}$(APP)${COLOR_RESET}\
[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}] \
${COLOR_HIGHLIGHT}$@${COLOR_RESET}:${COLOR_RESET} ' >&$(INFO_FD) \
$(if $(2), \
&& printf 'Call ${COLOR_HIGHLIGHT}$(1)${COLOR_RESET}$(lbracket)' >&$(INFO_FD) \
&& $(or $(strip $(call PRINTF,$(2))),printf '$(2)') >&$(INFO_FD) \
&& printf '$(rbracket)' >&$(INFO_FD) \
$(if $(3),&& printf ' ${COLOR_VALUE}in${COLOR_RESET} $(3)' >&$(INFO_FD)) \
, \
&& $(strip $(call PRINTF,$(1)) >&$(INFO_FD)) \
) \
&& printf '\n' >&$(INFO_FD) \
))
# function install-app: Exec 'git clone url 1 dir 2' or Call update-app with url 1 dir 2
define install-app
$(call INFO,install-app,$(1)$(comma) $(2))
$(eval url := $(or $(1), $(APP_REPOSITORY)))
$(eval dir := $(or $(2), $(RELATIVE)$(lastword $(subst /, ,$(url)))))
$(if $(wildcard $(dir)/.git), \
$(call update-app,$(url),$(dir)), \
$(RUN) $(call exec,git clone $(QUIET) $(url) $(dir)) \
)
endef
# function make: Call make with predefined options and variables
# 1st arg: make command line (targets and arguments)
# 2nd arg: directory to call make from
@ -164,33 +218,30 @@ define make
$(if $(wildcard $(file)),$(eval MAKE_ARGS += $(shell cat $(file) |sed '/^$$/d; /^#/d; /=/!d; s/^[[\s\t]]*//; s/[[\s\t]]*=[[\s\t]]*/=/;' |awk -F '=' '{print $$1"='\''"$$2"'\''"}')))
$(eval MAKE_DIR := $(if $(dir),-C $(dir)))
$(eval MAKE_OLDFILE += $(filter-out $(MAKE_OLDFILE), $^))
$(if $(filter $(VERBOSE),true),printf '${COLOR_GREEN}Running${COLOR_RESET} "'"make $(MAKE_ARGS) $(cmd)"'" $(if $(dir),${COLOR_BLUE}in folder${COLOR_RESET} $(dir) )\n')
$(ECHO) $(MAKE) $(MAKE_DIR) $(patsubst %,-o %,$(MAKE_OLDFILE)) MAKE_OLDFILE="$(MAKE_OLDFILE)" $(MAKE_ARGS) $(cmd)
$(if $(filter $(DRYRUN_RECURSIVE),true),$(MAKE) $(MAKE_DIR) $(patsubst %,-o %,$(MAKE_OLDFILE)) MAKE_OLDFILE="$(MAKE_OLDFILE)" DRYRUN=$(DRYRUN) RECURSIVE=$(RECURSIVE) $(MAKE_ARGS) $(cmd))
$(call INFO,make,$(MAKE_ARGS) $(cmd),$(dir))
$(RUN) $(MAKE) $(MAKE_DIR) $(patsubst %,-o %,$(MAKE_OLDFILE)) MAKE_OLDFILE="$(MAKE_OLDFILE)" $(MAKE_ARGS) $(cmd)
$(if $(filter true,$(DRYRUN_RECURSIVE)),$(MAKE) $(MAKE_DIR) $(patsubst %,-o %,$(MAKE_OLDFILE)) MAKE_OLDFILE="$(MAKE_OLDFILE)" DRYRUN=$(DRYRUN) RECURSIVE=$(RECURSIVE) $(MAKE_ARGS) $(cmd))
endef
# macro pop: Return last word of string 1 according to separator 2
pop = $(patsubst %$(or $(2),/)$(lastword $(subst $(or $(2),/), ,$(1))),%,$(1))
# macro sed: Exec sed script 1 on file 2
sed = $(call exec,sed -i $(SED_SUFFIX) '\''$(1)'\'' $(2))
sed = $(RUN) $(call exec,sed -i $(SED_SUFFIX) '$(1)' $(2))
# function install-app: Exec 'git clone url 1 dir 2' or Call update-app
## it installs application source files
define install-app
$(eval url := $(or $(1), $(APP_REPOSITORY)))
$(eval dir := $(or $(2), $(RELATIVE)$(lastword $(subst /, ,$(url)))))
[ -d $(dir) ] && $(call update-app,$(url),$(dir))
[ -d $(dir) ] || $(call exec,$(ECHO) git clone $(QUIET) $(url) $(dir))
endef
# macro TIME: Print time elapsed since unixtime 1
TIME = awk '{printf "%02d:%02d:%02d\n",int($$1/3600),int(($$1%3600)/60),int($$1%60)}' \
<<< $(shell bc <<< "$(or $(2),$(MAKE_UNIXTIME_CURRENT))-$(or $(1),$(MAKE_UNIXTIME_START))" 2>/dev/null)
# function update-app: Exec 'cd dir 1 && git pull' or Call install-app
## it updates application source files
define update-app
$(call INFO,update-app,$(1)$(comma) $(2))
$(eval url := $(or $(1), $(APP_REPOSITORY)))
$(eval dir := $(or $(2), $(APP_DIR)))
[ -d $(dir) ] && $(call exec,cd $(dir) && $(ECHO) git pull $(QUIET))
[ -d $(dir) ] || $(call install-app,$(url),$(dir))
$(if $(wildcard $(dir)/.git), \
$(RUN) $(call exec,sh -c 'cd $(dir) && git pull $(QUIET)'), \
$(call install-app,$(url),$(dir)) \
)
endef
# function TARGET:ENV: Create a new target ending with :env
@ -203,6 +254,20 @@ $(TARGET):
$$(call make,$$*,,ENV_FILE)
endef
WARNING_FD := 2
# macro WARNING: customized warning
WARNING = printf '${COLOR_WARNING}WARNING:${COLOR_RESET} ${COLOR_INFO}$(APP)${COLOR_RESET}\
[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}] \
${COLOR_HIGHLIGHT}$@${COLOR_RESET}:${COLOR_RESET} ' >&$(WARNING_FD) \
$(if $(2), \
&& printf '$(1) ' >&$(WARNING_FD) \
&& printf '${COLOR_HIGHLIGHT}$(2)${COLOR_RESET}' >&$(WARNING_FD) \
$(if $(3),&& printf ' in ${COLOR_VALUE}$(3)${COLOR_RESET}' >&$(WARNING_FD)) \
, \
&& $(strip $(call PRINTF,$(1)) >&$(WARNING_FD)) \
) \
&& printf '\n' >&$(WARNING_FD)
# set ENV=env for targets ending with :env
## for each env in ENV_LIST
## it overrides value of ENV with env

10
make/env.mk
View File

@ -22,11 +22,11 @@ env = $(env.args) $(env.dist) $(env.file)
env.docker = $(env.docker.args) $(env.docker.dist) $(env.docker.file)
env.args = $(foreach var,$(ENV_VARS),$(if $($(var)),$(var)='$($(var))'))
env.dist = $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A)' .env.dist - 2>/dev/null)
env.file = $(shell cat $(ENV_FILE) 2>/dev/null |sed '/^[ \t]*$$/d;/^[ \t]*\#/d;')
env.dist ?= $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A)' .env.dist - 2>/dev/null)
env.file ?= $(shell cat $(or $(ENV_FILE),/dev/null) 2>/dev/null |sed '/^[ \t]*$$/d;/^[ \t]*\#/d;s/='\''/=/;s/'\''$$//;s/='\"'/=/;s/'\"'$$//;' |awk -F '=' '{print $$1"='\''"$$2"'\''"}')
env.docker.args = $(foreach var,$(ENV_VARS),$(if $($(var)),-e $(var)='$($(var))'))
env.docker.dist = $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A) {print "-e "$$0}' .env.dist - 2>/dev/null)
env.docker.file = $(patsubst %,--env-file %,$(wildcard $(ENV_FILE)))
env.docker.dist ?= $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A) {print "-e "$$0}' .env.dist - 2>/dev/null)
env.docker.file ?= $(patsubst %,--env-file %,$(wildcard $(ENV_FILE)))
SHELL:=/bin/bash
@ -37,6 +37,7 @@ SHELL:=/bin/bash
# 2nd arg: path to .env.dist file, default to .env.dist
# 3rd arg: path to .env override files, default to .env.$(ENV)
define .env
$(call INFO,.env,$(1)$(comma) $(2)$(comma) $(3))
$(eval env_file:=$(or $(1),.env))
$(eval env_dist:=$(or $(2),$(env_file).dist))
$(eval env_over:=$(or $(wildcard $(3)),$(wildcard $(env_file).$(ENV))))
@ -70,6 +71,7 @@ endef
# sort alphabetically
# add variables definition to the .env file
define .env_update
$(call INFO,.env_update,$(env_file) $(env_dist) $(env_over))
touch $(env_file)
printenv \
|awk -F '=' 'NR == FNR { if($$1 !~ /^(#|$$)/) { A[$$1]; next } } !($$1 in A)' - $(env_dist) \

37
make/help.mk
View File

@ -1,31 +1,28 @@
##
# HELP
.DEFAULT_GOAL := help
COLOR_RESET ?= \033[0m
COLOR_GREEN ?= \033[32m
COLOR_BROWN ?= \033[33m
COLOR_BLUE ?= \033[36m
.PHONY: FORCE
# target blank1 blank2: Print new line
.PHONY: blank1 blank2
blank1 blank2:
printf "\n"
# target context: Call context-% target for each CONTEXT
# target context: Print Context and Call contexts target
.PHONY: context
context:
printf "${COLOR_BROWN}Context:${COLOR_RESET}\n"
$(MAKE) $(foreach var,$(CONTEXT),$(if $($(var)),context-$(var))) FORCE
printf "${COLOR_INFO}Context:${COLOR_RESET}\n"
$(MAKE) contexts
# target context: Fire context-% target for each CONTEXT
.PHONY: contexts
contexts: $(foreach var,$(CONTEXT),context-$(var))
# target context-%: Print % value
.PHONY: context-%
context-%:
printf "${COLOR_BLUE}%-37s${COLOR_RESET}" $*
printf "${COLOR_GREEN}"
printf "${COLOR_HIGHLIGHT}%-37s${COLOR_RESET}" $*
printf "${COLOR_VALUE}"
$(call PRINTF,$($*))
printf "${COLOR_RESET}"
printf "${COLOR_RESET}\n"
# target doc: Fire functions macros target variables
doc: functions macros targets variables ;
@ -44,7 +41,7 @@ functions: functions-.
# target functions-%: Print documented functions starting with %
.PHONY: functions-%
functions-%:
awk 'BEGIN {FS = ": "}; $$0 ~ /^# function $*.*:.*$$/ {printf "${COLOR_BLUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
awk 'BEGIN {FS = ": "}; $$0 ~ /^# function $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
# target macros: Fire macros-.
.PHONY: macros
@ -53,13 +50,13 @@ macros: macros-.
# target macros-%: Print documented macros starting with %
.PHONY: macros-%
macros-%:
awk 'BEGIN {FS = ": "}; $$0 ~ /^# macro $*.*:.*$$/ {printf "${COLOR_BLUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
awk 'BEGIN {FS = ": "}; $$0 ~ /^# macro $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
# target target: Show common targets
.PHONY: target
target:
printf "${COLOR_BROWN}Targets:${COLOR_RESET}\n"
awk 'BEGIN {FS = ":.*?## "}; $$0 ~ /^[a-zA-Z_-]+:.*?## .*$$/ {printf "${COLOR_BLUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
printf "${COLOR_INFO}Targets:${COLOR_RESET}\n"
awk 'BEGIN {FS = ":.*?## "}; $$0 ~ /^[a-zA-Z_-]+:.*?## .*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
# target targets: Fire targets-.
.PHONY: targets
@ -68,12 +65,12 @@ targets: targets-.
# target targets-%: Print documented targets
.PHONY: targets-%
targets-%:
awk 'BEGIN {FS = ": "}; $$0 ~ /^# target $*.*:.*$$/ {printf "${COLOR_BLUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
awk 'BEGIN {FS = ": "}; $$0 ~ /^# target $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
# target usage: Print Usage
.PHONY: usage
usage:
printf "${COLOR_BROWN}Usage:${COLOR_RESET}\n"
printf "${COLOR_INFO}Usage:${COLOR_RESET}\n"
printf "make [target]\n"
# target variables: Fire variables-.
@ -83,4 +80,4 @@ variables: variables-.
# target variables-%: Show documented variables
.PHONY: variables-%
variables-%:
awk 'BEGIN {FS = ": "}; $$0 ~ /^# variable $*.*:.*$$/ {printf "${COLOR_BLUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)
awk 'BEGIN {FS = ": "}; $$0 ~ /^# variable $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST)

22
make/include.mk
View File

@ -1,13 +1,21 @@
##
# INCLUDE
# variable MAKE_DIR: Directory path of this file
# variable MAKE_DIR: Path of this file
MAKE_DIR := $(patsubst %/,%,$(dir $(lastword $(MAKEFILE_LIST))))
# variable MAKE_FILE: Name of this file
MAKE_FILE := $(notdir $(lastword $(MAKEFILE_LIST)))
# variable MAKE_FILES: List of first files to load
MAKE_FILES := env.mk def.mk $(wildcard def.*.mk)
## it includes $(MAKE_DIR)/$(MAKE_FILES) $(MAKE_DIR)/*.mk
include $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(MAKE_FILES))) $(filter-out $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(notdir $(lastword $(MAKEFILE_LIST))) $(MAKE_FILES))),$(wildcard $(MAKE_DIR)/*.mk))
## it includes $(MAKE_DIR)/*/def.mk $(MAKE_DIR)/*/def.*.mk $(MAKE_DIR)/*/*.mk
include $(foreach subdir,$(MAKE_SUBDIRS),$(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk) $(filter-out $(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk),$(wildcard $(MAKE_DIR)/$(subdir)/*.mk)))
## it includes def.mk def.*.mk *.mk */def.mk */def.*.mk */*.mk
include $(wildcard def.mk def.*.mk) $(filter-out $(wildcard def.mk def.*.mk),$(wildcard *.mk)) $(filter-out $(wildcard $(MAKE_DIR)/*.mk),$(wildcard */def.mk */def.*.mk) $(filter-out $(wildcard */def.mk */def.*.mk),$(wildcard */*.mk)))
## it includes $(MAKE_DIR)/$(MAKE_FILES)
include $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(MAKE_FILES)))
## it includes $(MAKE_DIR)/*/def.mk $(MAKE_DIR)/*/def.*.mk
include $(foreach subdir,$(MAKE_SUBDIRS),$(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk))
## it includes def.mk def.*.mk */def.mk */def.*.mk
include $(wildcard def.mk def.*.mk) $(filter-out $(wildcard $(MAKE_DIR)/*.mk),$(wildcard */def.mk */def.*.mk))
## it includes $(MAKE_DIR)/*.mk
include $(filter-out $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(MAKE_FILE) $(MAKE_FILES))),$(wildcard $(MAKE_DIR)/*.mk))
## it includes $(MAKE_DIR)/*/*.mk
include $(foreach subdir,$(MAKE_SUBDIRS),$(filter-out $(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk),$(wildcard $(MAKE_DIR)/$(subdir)/*.mk)))
## it includes *.mk */*.mk
include $(filter-out $(wildcard def.mk def.*.mk),$(wildcard *.mk)) $(filter-out $(wildcard $(MAKE_DIR)/*.mk */def.mk */def.*.mk),$(wildcard */*.mk))

5
make/monorepo/common.mk
View File

@ -24,7 +24,7 @@ config: $(APPS)
# target copy: Copy files and folders to all APPS
.PHONY: copy
copy:
$(foreach app,$(APPS),$(foreach file,$(ARGS),$(if $(wildcard $(file)),$(ECHO) $(if $(filter LINUX,$(HOST_SYSTEM)),cp -a --parents $(file) $(app)/,rsync -a $(file) $(app)/$(file)) &&)) true &&) true
$(foreach app,$(APPS),$(foreach file,$(ARGS),$(if $(wildcard $(file)),$(RUN) $(if $(filter LINUX,$(HOST_SYSTEM)),cp -a --parents $(file) $(app)/,rsync -a $(file) $(app)/$(file)) &&)) true &&) true
# target deploy: Fire APPS target
.PHONY: deploy
@ -95,7 +95,8 @@ upgrade: upgrade-apps release-upgrade ## Upgrade applications
$(APPS):
$(if $(wildcard $@/Makefile), \
$(call make,$(patsubst apps-%,%,$(MAKECMDGOALS)) STATUS=0,$(patsubst %/,%,$@),APP_PATH_PREFIX), \
printf "${COLOR_BROWN}WARNING${COLOR_RESET}: ${COLOR_GREEN}no app available in folder${COLOR_RESET} $@.\n" >&2)
$(call WARNING,no Makefile in,$@) \
)
# target apps-%: Fire $(APPS) target to call target % in $(APPS)
.PHONY: apps-%

4
make/monorepo/release.mk
View File

@ -37,7 +37,7 @@ release-finish: release-check git-stash
# target release-update: Update RELEASE with RELEASE_VERSION in .env
.PHONY: release-update
release-update:
$(ECHO) awk -v s=RELEASE=$(RELEASE_VERSION) '/^RELEASE=/{$$0=s;f=1} {a[++n]=$$0} END{if(!f)a[++n]=s;for(i=1;i<=n;i++)print a[i]>ARGV[1]}' .env
$(RUN) awk -v s=RELEASE=$(RELEASE_VERSION) '/^RELEASE=/{$$0=s;f=1} {a[++n]=$$0} END{if(!f)a[++n]=s;for(i=1;i<=n;i++)print a[i]>ARGV[1]}' .env
# target release-upgrade: Run migration targets to upgrade specific releases
.PHONY: release-upgrade
@ -46,4 +46,4 @@ release-upgrade: $(patsubst %,release-upgrade-from-%,$(RELEASE_UPGRADE)) release
# target release-upgrade-from-%: Sample of catch-all release migration target
.PHONY: release-upgrade-from-%
release-upgrade-from-%:
echo "Upgrading from release: $*"
printf 'Upgrading from release: $*\n'

42
make/monorepo/subrepo.mk
View File

@ -3,9 +3,10 @@
# target subrepo-branch-delete: Delete branch $(BRANCH) on remote $(SUBREPO)
.PHONY: subrepo-branch-delete
subrepo-branch-delete: myos-base subrepo-check
subrepo-branch-delete: $(if $(DOCKER_RUN),myos-base) subrepo-check
ifneq ($(words $(BRANCH)),0)
$(call exec,[ $$(git ls-remote --heads $(REMOTE) $(BRANCH) |wc -l) -eq 1 ] && git push $(REMOTE) :$(BRANCH) || echo Unable to delete branch $(BRANCH) on remote $(REMOTE).)
$(call exec,[ $$(git ls-remote --heads $(REMOTE) $(BRANCH) 2>/dev/null |wc -l) -eq 1 ]) \
&& $(RUN) $(call exec,git push $(REMOTE) :$(BRANCH))
endif
# target subrepo-check: Define SUBREPO and REMOTE
@ -26,21 +27,22 @@ endif
## it compares child commit with our tree : git diff --quiet child -- subrepo
.PHONY: subrepo-git-diff
subrepo-git-diff: myos-base subrepo-check
$(eval DRYRUN_IGNORE := true)
$(eval DIFF = $(shell $(call exec,git diff --quiet $(shell $(call exec,git rev-list --ancestry-path $(shell awk '$$1 == "parent" {print $$3}' $(SUBREPO)/.gitrepo)..HEAD |tail -n 1)) -- $(SUBREPO); echo $$?)) )
$(eval DRYRUN_IGNORE := false)
$(eval IGNORE_DRYRUN := true)
$(eval DIFF = $(shell $(call exec,git diff --quiet $(shell $(call exec,git rev-list --ancestry-path $(shell awk '$$1 == "parent" {print $$3}' $(SUBREPO)/.gitrepo)..HEAD |tail -n 1)) -- $(SUBREPO); printf '$$?\n')) )
$(eval IGNORE_DRYRUN := false)
# target subrepo-git-fetch: Fetch git remote
.PHONY: subrepo-git-fetch
subrepo-git-fetch: myos-base subrepo-check
$(call exec,git fetch --prune $(REMOTE))
$(RUN) $(call exec,git fetch --prune $(REMOTE))
# target subrepo-tag-create-%: Create tag TAG to reference branch REMOTE/%
.PHONY: subrepo-tag-create-%
subrepo-tag-create-%: myos-base subrepo-check subrepo-git-fetch
ifneq ($(words $(TAG)),0)
$(call exec,[ $$(git ls-remote --tags $(REMOTE) $(TAG) |wc -l) -eq 0 ] || git push $(REMOTE) :refs/tags/$(TAG))
$(call exec,git push $(REMOTE) refs/remotes/subrepo/$(SUBREPO)/$*:refs/tags/$(TAG))
$(call exec,[ $$(git ls-remote --tags $(REMOTE) $(TAG) |wc -l) -eq 0 ]) \
|| $(RUN) $(call exec,git push $(REMOTE) :refs/tags/$(TAG))
$(RUN) $(call exec,git push $(REMOTE) refs/remotes/subrepo/$(SUBREPO)/$*:refs/tags/$(TAG))
endif
# target subrepo-push: Push to subrepo
@ -50,24 +52,24 @@ subrepo-push: myos-base subrepo-check subrepo-git-fetch subrepo-git-diff
ifeq ($(BRANCH),master)
$(eval UPDATE_SUBREPO_OPTIONS += -u)
endif
# if release|story|hotfix branch, delete remote branch before push and recreate it from master
ifneq ($(findstring $(firstword $(subst /, ,$(BRANCH))),release story hotfix),)
$(eval DRYRUN_IGNORE := true)
$(eval DELETE = $(shell $(call exec,git ls-remote --heads $(REMOTE) $(BRANCH) |wc -l)) )
$(eval DRYRUN_IGNORE := false)
# if specific branch name, delete remote branch before push and recreate it from master
ifneq ($(findstring $(firstword $(subst /, ,$(BRANCH))),feature hotfix release story),)
$(eval IGNORE_DRYRUN := true)
$(eval DELETE = $(shell $(call exec,sh -c 'git ls-remote --heads $(REMOTE) $(BRANCH) |wc -l')) )
$(eval IGNORE_DRYRUN := false)
else
$(eval DELETE = 0)
endif
if [ $(DIFF) -eq 0 ]; then \
echo subrepo $(SUBREPO) already up to date.; \
$(call INFO,subrepo $(SUBREPO) already up to date); \
else \
if [ $(DELETE) -eq 1 ]; then \
$(call exec,git push $(REMOTE) :$(BRANCH)); \
$(call exec,git push $(REMOTE) refs/remotes/$(REMOTE)/master:refs/heads/$(BRANCH)); \
$(RUN) $(call exec,git push $(REMOTE) :$(BRANCH)); \
$(RUN) $(call exec,git push $(REMOTE) refs/remotes/$(REMOTE)/master:refs/heads/$(BRANCH)); \
fi; \
$(call exec,git subrepo fetch $(SUBREPO) -b $(BRANCH)); \
$(call exec,git subrepo push $(SUBREPO) -b $(BRANCH) $(UPDATE_SUBREPO_OPTIONS)); \
$(call exec,git subrepo clean $(SUBREPO)); \
$(RUN) $(call exec,git subrepo fetch $(SUBREPO) -b $(BRANCH)); \
$(RUN) $(call exec,git subrepo push $(SUBREPO) -b $(BRANCH) $(UPDATE_SUBREPO_OPTIONS)); \
$(RUN) $(call exec,git subrepo clean $(SUBREPO)); \
fi
# target subrepos-branch-delete: Fire APPS target
@ -81,7 +83,7 @@ subrepos-tag-create-%: $(APPS) ;
# target subrepos-update: Fire APPS target and push updates to upstream
.PHONY: subrepos-update
subrepos-update: myos-base git-stash $(APPS) git-unstash ## Update subrepos
$(call exec,git push upstream $(BRANCH))
$(RUN) $(call exec,git push upstream $(BRANCH))
# target subrepo-update-%: Call subrepo-update target in folder %
.PHONY: subrepo-update-%

3
make/utils.mk
View File

@ -123,6 +123,7 @@ QUOTE = '
# (that's why the single-quotes are escaped they way they are, above,
# and why the dollar sign is not escaped) to printf(1). A trailing
# newline is apended, too.
# Note: Removing the apended trailing newline for custom needs
#
# Note: leading or trailing spaces are *not* stripped.
#
@ -130,5 +131,5 @@ define PRINTF
printf '$(subst $(sep),\n,\
$(subst $(PERCENT),$(PERCENT)$(PERCENT),\
$(subst $(QUOTE),$(QUOTE)\$(QUOTE)$(QUOTE),\
$(subst \,\\,$(1)))))\n'
$(subst \,\\,$(1)))))'
endef

3
openstack/.env.dist
View File

@ -1,6 +1,3 @@
DEBUG=false
DOCKER=true
ENV=local
OS_AUTH_URL=
OS_TENANT_ID=
OS_TENANT_NAME=

13
openstack/def.openstack.mk
View File

@ -1,19 +1,14 @@
CMDS += openstack
ENV_VARS += OS_AUTH_URL OS_TENANT_ID OS_TENANT_NAME OS_USERNAME OS_PASSWORD OS_REGION_NAME OS_USER_DOMAIN_NAME OS_PROJECT_DOMAIN_NAME
ifeq ($(DEBUG), true)
ifneq ($(DEBUG),)
OPENSTACK_ARGS += --debug
endif
ifeq ($(ENV), local)
ifneq ($(VERBOSE),)
OPENSTACK_ARGS += -v
endif
ifeq ($(DOCKER), true)
define openstack
$(call run,$(DOCKER_SSH_AUTH) $(DOCKER_REPOSITORY)/openstack:$(DOCKER_IMAGE_TAG) $(1))
endef
else
# function openstack: Call run openstack with arg 1
define openstack
$(call run,openstack $(1))
$(call INFO,openstack,$(1))
$(RUN) $(call run,openstack $(1),$(DOCKER_REPOSITORY)/)
endef
endif

34
packer/def.packer.mk
View File

@ -1,4 +1,5 @@
CMDS += packer
DOCKER_RUN_OPTIONS_PACKER ?= -p $(PACKER_SSH_PORT):$(PACKER_SSH_PORT) -p $(PACKER_VNC_PORT):$(PACKER_VNC_PORT)
ENV_VARS += PACKER_CACHE_DIR PACKER_KEY_INTERVAL PACKER_LOG
KVM_GID ?= $(call gid,kvm)
PACKER_ARCH ?= $(PACKER_ALPINE_ARCH)
@ -29,7 +30,7 @@ PACKER_TEMPLATE ?= alpine
PACKER_USERNAME ?= root
PACKER_VNC_PORT ?= $(if $(vnc_port_max),$(vnc_port_max),5900)
PACKER_VNC_ADDRESS ?= $(if $(vnc_bind_address),$(vnc_bind_address),0.0.0.0)
ifeq ($(DEBUG), true)
ifneq ($(DEBUG),)
PACKER_BUILD_ARGS += -debug
endif
ifeq ($(FORCE), true)
@ -65,39 +66,24 @@ PACKER_QEMU_ACCELERATOR := tcg
PACKER_QEMU_ARGS += -cpu max,vendor=GenuineIntel,vmware-cpuid-freq=on,+invtsc,+aes,+vmx
endif
else ifeq ($(HOST_SYSTEM),LINUX)
DOCKER_RUN_OPTIONS_PACKER := $(if $(KVM_GID),--group-add $(KVM_GID)) --device /dev/kvm
DOCKER_RUN_OPTIONS_PACKER += $(if $(KVM_GID),--group-add $(KVM_GID)) --device /dev/kvm
else ifeq ($(HOST_SYSTEM),WINDOWS)
PACKER_QEMU_ACCELERATOR := hax
endif
ifeq ($(DOCKER), true)
# packer ansible provisionner needs:
## empty local ssh agent (ssh-add -D)
## ANSIBLE_SSH_PRIVATE_KEYS set to a key giving access to ANSIBLE_GIT_REPOSITORY without password
## ANSIBLE_AWS_ACCESS_KEY_ID and ANSIBLE_AWS_SECRET_ACCESS_KEY
define packer
$(call run,$(DOCKER_RUN_OPTIONS_PACKER) $(DOCKER_SSH_AUTH) -p $(PACKER_SSH_PORT):$(PACKER_SSH_PORT) -p $(PACKER_VNC_PORT):$(PACKER_VNC_PORT) $(DOCKER_REPOSITORY)/packer:$(DOCKER_IMAGE_TAG) $(1))
endef
define packer-qemu
echo Running $(1)
$(call run,$(DOCKER_RUN_OPTIONS_PACKER) -p $(PACKER_SSH_PORT):$(PACKER_SSH_PORT) -p $(PACKER_VNC_PORT):$(PACKER_VNC_PORT) --entrypoint=qemu-system-$(PACKER_QEMU_ARCH) $(DOCKER_REPOSITORY)/packer:$(DOCKER_IMAGE_TAG) $(PACKER_QEMU_ARGS) -m 512m -drive file=$(1)$(comma)format=raw -net nic$(comma)model=virtio -net user$(comma)hostfwd=tcp:$(PACKER_SSH_ADDRESS):$(PACKER_SSH_PORT)-:22 -vnc $(PACKER_VNC_ADDRESS):$(subst 590,,$(PACKER_VNC_PORT)))
endef
else
# function packer: Call run packer with arg 1
## it needs an empty local ssh agent (ssh-add -D)
## it needs ANSIBLE_SSH_PRIVATE_KEYS set to a key giving access to ANSIBLE_GIT_REPOSITORY without password
## it needs ANSIBLE_AWS_ACCESS_KEY_ID and ANSIBLE_AWS_SECRET_ACCESS_KEY
define packer
$(call run,packer $(1))
$(RUN) $(call run,packer $(1),$(DOCKER_RUN_OPTIONS_PACKER) $(DOCKER_REPOSITORY)/)
endef
# function packer-qemu: Call run qemu-system-% for PACKER_QEMU_ARCH
define packer-qemu
echo Running $(1)
$(call run,qemu-system-$(PACKER_QEMU_ARCH) $(PACKER_QEMU_ARGS) -m 512m -drive file=$(1)$(comma)format=raw -net nic$(comma)model=virtio -net user$(comma)hostfwd=tcp:$(PACKER_SSH_ADDRESS):$(PACKER_SSH_PORT)-:22 -vnc $(PACKER_VNC_ADDRESS):$(subst 590,,$(PACKER_VNC_PORT)))
$(RUN) $(call run,$(if $(DOCKER_RUN),packer,qemu-system-$(PACKER_QEMU_ARCH)) $(PACKER_QEMU_ARGS) -m 512m -drive file=$(1)$(comma)format=raw -net nic$(comma)model=virtio -net user$(comma)hostfwd=tcp:$(PACKER_SSH_ADDRESS):$(PACKER_SSH_PORT)-:22 -vnc $(PACKER_VNC_ADDRESS):$(subst 590,,$(PACKER_VNC_PORT)),$(DOCKER_RUN_OPTIONS_PACKER) --entrypoint=qemu-system-$(PACKER_QEMU_ARCH) $(DOCKER_REPOSITORY)/)
endef
endif
# function packer-build: Call packer build with arg 1, Add build infos to file PACKER_ISO_INFO
define packer-build
$(eval PACKER_TEMPLATE := $(notdir $(basename $(1))))
@ -124,6 +110,4 @@ define packer-build
echo 'user: $(username)' >> $(PACKER_ISO_INFO)
endef
define arrays_of_dquoted_args
[ $(subst $(dquote) $(dquote),$(dquote)$(comma) $(dquote),$(subst $(dquote) $(dquote)-,$(dquote) ]$(comma) [ $(dquote)-,$(patsubst %,$(dquote)%$(dquote),$1))) ]
endef
arrays_of_dquoted_args = [ $(subst $(dquote) $(dquote),$(dquote)$(comma) $(dquote),$(subst $(dquote) $(dquote)-,$(dquote) ]$(comma) [ $(dquote)-,$(patsubst %,$(dquote)%$(dquote),$1))) ]

22
stack/base.mk
View File

@ -1,23 +1,3 @@
# target base: Fire docker-network-create stack-base-up base-ssh-add
.PHONY: base
base: docker-network-create stack-base-up base-ssh-add
# target ssh-add: Fire base-ssh-add
.PHONY: ssh-add
ssh-add: base-ssh-add
# target base-ssh-add: Fire base-ssh-key and exec ssh-add file SSH_PRIVATE_KEYS in folder SSH_DIR
.PHONY: base-ssh-add
base-ssh-add: base-ssh-key
$(eval SSH_PRIVATE_KEYS := $(foreach file,$(SSH_DIR)/id_rsa $(filter-out $(wildcard $(SSH_DIR)/id_rsa),$(wildcard $(SSH_DIR)/*)),$(if $(shell grep "PRIVATE KEY" $(file) 2>/dev/null),$(notdir $(file)))))
$(call docker-run,$(DOCKER_SSH_AUTH) $(DOCKER_IMAGE_CLI),sh -c "$(foreach file,$(patsubst %,$(SSH_DIR)/%,$(SSH_PRIVATE_KEYS)),ssh-add -l |grep -qw $$(ssh-keygen -lf $(file) 2>/dev/null |awk '{print $$2}') 2>/dev/null || ssh-add $(file) ||: &&) true")
# target base-ssh-key: Setup ssh private key SSH_KEY in SSH_DIR
.PHONY: base-ssh-key
base-ssh-key: stack-base-up
ifneq (,$(filter true,$(DRONE)))
$(call exec,[ ! -d $(SSH_DIR) ] && mkdir -p $(SSH_DIR) && chown $(UID) $(SSH_DIR) && chmod 0700 $(SSH_DIR) ||:)
else
$(eval DOCKER_RUN_VOLUME += -v $(SSH_DIR):$(SSH_DIR))
endif
$(if $(SSH_KEY),$(eval export SSH_KEY ?= $(SSH_KEY)) $(call docker-run,$(DOCKER_IMAGE_CLI),echo -e "$$SSH_KEY" > $(SSH_DIR)/${COMPOSE_PROJECT_NAME}_id_rsa && chmod 0400 $(SSH_DIR)/${COMPOSE_PROJECT_NAME}_id_rsa && chown $(UID) $(SSH_DIR)/${COMPOSE_PROJECT_NAME}_id_rsa ||:))
base: docker-network-create $(if $(DOCKER_RUN),stack-base-up) ssh-add

15
stack/base/base.yml
View File

@ -5,14 +5,6 @@ services:
build:
args:
- DOCKER_BUILD_DIR=docker/cli
- GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
- SSH_BASTION_USERNAME=${SSH_BASTION_USERNAME}
- SSH_BASTION_HOSTNAME=${SSH_BASTION_HOSTNAME}
- SSH_PUBLIC_HOST_KEYS=${SSH_PUBLIC_HOST_KEYS}
- SSH_PRIVATE_IP_RANGE=${SSH_PRIVATE_IP_RANGE}
- UID=${UID}
- USER=${USER}
context: ../..
dockerfile: docker/cli/Dockerfile
target: ${DOCKER_BUILD_TARGET}
@ -34,8 +26,6 @@ services:
build:
args:
- DOCKER_BUILD_DIR=docker/ssh
- UID=${UID}
- USER=${USER}
context: ../..
dockerfile: docker/ssh/Dockerfile
target: ${DOCKER_BUILD_TARGET}
@ -49,11 +39,6 @@ services:
volumes:
ssh:
driver: local
driver_opts:
type: tmpfs
device: tmpfs
o: uid=${UID}
networks:
private:

12
stack/node.mk
View File

@ -1,13 +1,5 @@
ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET
# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC node-openssl stack-node-up
# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC ssl-certs stack-node-up
.PHONY: node
node: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-openssl stack-node-up
# target node-openssl: Create /certs/${DOMAIN}.key.pem and /certs/${DOMAIN}.crt.pem files
.PHONY: node-openssl
node-openssl:
docker run --rm --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine:latest [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|| docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine:latest sh -c "apk --no-cache add openssl \
&& { [ -f /certs/${DOMAIN}.key.pem ] || openssl genrsa -out /certs/${DOMAIN}.key.pem 2048; } \
&& openssl req -key /certs/${DOMAIN}.key.pem -out /certs/${DOMAIN}.crt.pem -addext extendedKeyUsage=serverAuth -addext subjectAltName=DNS:${DOMAIN} -subj \"/C=/ST=/L=/O=/CN=${DOMAIN}\" -x509 -days 365"
node: docker-network-create-$(DOCKER_NETWORK_PUBLIC) ssl-certs stack-node-up

4
stack/sematext/logagent.yml
View File

@ -5,10 +5,6 @@ services:
build:
args:
- DOCKER_BUILD_DIR=docker/sematext/logagent
- GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
- UID=${UID}
- USER=${USER}
context: ../..
dockerfile: docker/sematext/logagent/Dockerfile
target: ${DOCKER_BUILD_TARGET}

9
stack/theia/theia.yml
View File

@ -5,15 +5,6 @@ services:
build:
args:
- DOCKER_BUILD_DIR=docker/theia
- DOCKER_GID=${DOCKER_GID}
- GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
- SSH_BASTION_USERNAME=${SSH_BASTION_USERNAME}
- SSH_BASTION_HOSTNAME=${SSH_BASTION_HOSTNAME}
- SSH_PUBLIC_HOST_KEYS=${SSH_PUBLIC_HOST_KEYS}
- SSH_PRIVATE_IP_RANGE=${SSH_PRIVATE_IP_RANGE}
- UID=${UID}
- USER=${USER}
context: ../..
dockerfile: docker/theia/Dockerfile
target: ${DOCKER_BUILD_TARGET}

14
terraform/def.terraform.mk
View File

@ -1,17 +1,5 @@
CMDS += terraform
ifeq ($(DOCKER), true)
define terraform
$(call run,hashicorp/terraform:light $(1))
$(RUN) $(call run,terraform $(1),hashicorp/)
endef
else
define terraform
$(call run,terraform $(1))
endef
endif