mirror of
https://github.com/adferrand/docker-backuppc.git
synced 2023-11-05 04:40:26 +01:00
Merge branch 'existing-user-or-group'
This commit is contained in:
Adrien Ferrand
commit
eff39f5080
@ -11,7 +11,7 @@ RUN apk --no-cache add \
|
|||||||
# Install backuppc build dependencies
|
# Install backuppc build dependencies
|
||||||
gcc g++ autoconf automake make git patch perl perl-dev perl-cgi expat expat-dev curl wget \
|
gcc g++ autoconf automake make git patch perl perl-dev perl-cgi expat expat-dev curl wget \
|
||||||
# Install backuppc runtime dependencies
|
# Install backuppc runtime dependencies
|
||||||
supervisor rsync samba-client iputils openssh openssl rrdtool msmtp lighttpd lighttpd-mod_auth gzip apache2-utils tzdata libstdc++ libgomp libgcc \
|
supervisor rsync samba-client iputils openssh openssl rrdtool msmtp lighttpd lighttpd-mod_auth gzip apache2-utils tzdata libstdc++ libgomp libgcc shadow \
|
||||||
# Compile and install needed perl modules
|
# Compile and install needed perl modules
|
||||||
&& cpan App::cpanminus \
|
&& cpan App::cpanminus \
|
||||||
&& cpanm -n Archive::Zip XML::RSS File::Listing \
|
&& cpanm -n Archive::Zip XML::RSS File::Listing \
|
||||||
|
|||||||
@ -1,6 +1,9 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
|
BACKUPPC_USERNAME=`getent passwd "${BACKUPPC_UUID:-1000}" | cut -d: -f1`
|
||||||
|
BACKUPPC_GROUPNAME=`getent group "${BACKUPPC_GUID:-1000}" | cut -d: -f1`
|
||||||
|
|
||||||
if [ -f /firstrun ]; then
|
if [ -f /firstrun ]; then
|
||||||
echo 'First run of the container. BackupPC will be installed.'
|
echo 'First run of the container. BackupPC will be installed.'
|
||||||
echo 'If exist, configuration and data will be reused and upgraded as needed.'
|
echo 'If exist, configuration and data will be reused and upgraded as needed.'
|
||||||
@ -10,14 +13,22 @@ if [ -f /firstrun ]; then
|
|||||||
cp /usr/share/zoneinfo/$TZ /etc/localtime
|
cp /usr/share/zoneinfo/$TZ /etc/localtime
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create backuppc user
|
# Create backuppc user/group if needed
|
||||||
addgroup -S -g ${BACKUPPC_GUID:-1000} backuppc
|
if [ -z "$BACKUPPC_GROUPNAME" ]; then
|
||||||
adduser -D -S -h /home/backuppc -G backuppc -u ${BACKUPPC_UUID:-1000} backuppc
|
groupadd -r -g "${BACKUPPC_GUID:-1000}" backuppc
|
||||||
chown backuppc:backuppc /home/backuppc
|
BACKUPPC_GROUPNAME="backuppc"
|
||||||
|
fi
|
||||||
|
if [ -z "$BACKUPPC_USERNAME" ]; then
|
||||||
|
useradd -r -d /home/backuppc -g "${BACKUPPC_GUID:-1000}" -u ${BACKUPPC_UUID:-1000} -M -N backuppc
|
||||||
|
BACKUPPC_USERNAME="backuppc"
|
||||||
|
else
|
||||||
|
usermod -d /home/backuppc "$BACKUPPC_USERNAME"
|
||||||
|
fi
|
||||||
|
chown "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" /home/backuppc
|
||||||
|
|
||||||
# Generate cryptographic key
|
# Generate cryptographic key
|
||||||
if [ ! -f /home/backuppc/.ssh/id_rsa ]; then
|
if [ ! -f /home/backuppc/.ssh/id_rsa ]; then
|
||||||
su backuppc -s /bin/sh -c "ssh-keygen -t rsa -N '' -f /home/backuppc/.ssh/id_rsa"
|
su "$BACKUPPC_USERNAME" -s /bin/sh -c "ssh-keygen -t rsa -N '' -f /home/backuppc/.ssh/id_rsa"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Extract BackupPC
|
# Extract BackupPC
|
||||||
@ -47,6 +58,7 @@ if [ -f /firstrun ]; then
|
|||||||
--html-dir /var/www/html/BackupPC \
|
--html-dir /var/www/html/BackupPC \
|
||||||
--html-dir-url /BackupPC \
|
--html-dir-url /BackupPC \
|
||||||
--install-dir /usr/local/BackupPC \
|
--install-dir /usr/local/BackupPC \
|
||||||
|
--backuppc-user "$BACKUPPC_USERNAME" \
|
||||||
$configure_admin
|
$configure_admin
|
||||||
|
|
||||||
# Prepare lighttpd
|
# Prepare lighttpd
|
||||||
@ -59,14 +71,14 @@ if [ -f /firstrun ]; then
|
|||||||
-subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=IT Department/CN=example.com"
|
-subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=IT Department/CN=example.com"
|
||||||
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
|
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
|
||||||
cat server.key server.crt > server.pem
|
cat server.key server.crt > server.pem
|
||||||
chown backuppc:backuppc server.pem
|
chown "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" server.pem
|
||||||
chmod 0600 server.pem
|
chmod 0600 server.pem
|
||||||
rm -f server.pass.key server.key server.csr server.crt
|
rm -f server.pass.key server.key server.csr server.crt
|
||||||
# Reconfigure lighttpd to use ssl
|
# Reconfigure lighttpd to use ssl
|
||||||
echo "ssl.engine = \"enable\"" >> /etc/lighttpd/lighttpd.conf
|
echo "ssl.engine = \"enable\"" >> /etc/lighttpd/lighttpd.conf
|
||||||
echo "ssl.pemfile = \"/etc/lighttpd/server.pem\"" >> /etc/lighttpd/lighttpd.conf
|
echo "ssl.pemfile = \"/etc/lighttpd/server.pem\"" >> /etc/lighttpd/lighttpd.conf
|
||||||
fi
|
fi
|
||||||
touch /var/log/lighttpd/error.log && chown -R backuppc:backuppc /var/log/lighttpd
|
touch /var/log/lighttpd/error.log && chown -R "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" /var/log/lighttpd
|
||||||
|
|
||||||
# Configure standard mail delivery parameters (may be overriden by backuppc user-wide config)
|
# Configure standard mail delivery parameters (may be overriden by backuppc user-wide config)
|
||||||
echo "account default" > /etc/msmtprc
|
echo "account default" > /etc/msmtprc
|
||||||
@ -80,5 +92,8 @@ if [ -f /firstrun ]; then
|
|||||||
rm -rf /root/BackupPC-$BACKUPPC_VERSION.tar.gz /root/BackupPC-$BACKUPPC_VERSION /firstrun
|
rm -rf /root/BackupPC-$BACKUPPC_VERSION.tar.gz /root/BackupPC-$BACKUPPC_VERSION /firstrun
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
export BACKUPPC_USERNAME
|
||||||
|
export BACKUPPC_GROUPNAME
|
||||||
|
|
||||||
# Exec given CMD in Dockerfile
|
# Exec given CMD in Dockerfile
|
||||||
exec "$@"
|
exec "$@"
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
server.port = 8080
|
server.port = 8080
|
||||||
server.username = "backuppc"
|
server.username = env.BACKUPPC_USERNAME
|
||||||
server.groupname = "backuppc"
|
server.groupname = env.BACKUPPC_GROUPNAME
|
||||||
server.document-root = "/srv/http"
|
server.document-root = "/srv/http"
|
||||||
server.errorlog = "/var/log/lighttpd/error.log"
|
server.errorlog = "/var/log/lighttpd/error.log"
|
||||||
dir-listing.activate = "enable"
|
dir-listing.activate = "enable"
|
||||||
|
|||||||
@ -24,10 +24,14 @@ password = dummy
|
|||||||
[program:lighttpd]
|
[program:lighttpd]
|
||||||
command = /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf -D
|
command = /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf -D
|
||||||
redirect_stderr = true
|
redirect_stderr = true
|
||||||
|
stdout_logfile = /dev/stdout
|
||||||
|
stdout_logfile_maxbytes = 0
|
||||||
stopasgroup = true
|
stopasgroup = true
|
||||||
killasgroup = true
|
killasgroup = true
|
||||||
|
|
||||||
[program:backuppc]
|
[program:backuppc]
|
||||||
command = /usr/local/BackupPC/bin/BackupPC
|
command = /usr/local/BackupPC/bin/BackupPC
|
||||||
redirect_stderr = true
|
redirect_stderr = true
|
||||||
user = backuppc
|
stdout_logfile = /dev/stdout
|
||||||
|
stdout_logfile_maxbytes = 0
|
||||||
|
user = %(ENV_BACKUPPC_USERNAME)s
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user