summaryrefslogtreecommitdiffhomepage
path: root/pkg
diff options
context:
space:
mode:
authorKonstantin Pavlov <thresh@nginx.com>2019-10-03 15:08:44 +0300
committerKonstantin Pavlov <thresh@nginx.com>2019-10-03 15:08:44 +0300
commitc6df631bccafd528f92c2aa88b7b3ded1db93a9e (patch)
tree33fe70c48656ccd7e4c0c2fd119138e411b7e05d /pkg
parent73f096f79614403b93f23e7397f312eea49b0938 (diff)
downloadunit-c6df631bccafd528f92c2aa88b7b3ded1db93a9e.tar.gz
unit-c6df631bccafd528f92c2aa88b7b3ded1db93a9e.tar.bz2
Docker: added an entrypoint to make configuration easier.
Docker images now accept shell scripts, json files and certificate chain bundles to provide configuration on a container start by placing them into /docker-entrypoint.d/ directory.
Diffstat (limited to '')
-rw-r--r--pkg/docker/Dockerfile.tmpl4
-rwxr-xr-xpkg/docker/docker-entrypoint.sh71
2 files changed, 75 insertions, 0 deletions
diff --git a/pkg/docker/Dockerfile.tmpl b/pkg/docker/Dockerfile.tmpl
index 18d6d34e..c721931b 100644
--- a/pkg/docker/Dockerfile.tmpl
+++ b/pkg/docker/Dockerfile.tmpl
@@ -86,4 +86,8 @@ RUN ln -sf /dev/stdout /var/log/unit.log
STOPSIGNAL SIGTERM
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN mkdir /docker-entrypoint.d/
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+
CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"]
diff --git a/pkg/docker/docker-entrypoint.sh b/pkg/docker/docker-entrypoint.sh
new file mode 100755
index 00000000..4ad7cb9a
--- /dev/null
+++ b/pkg/docker/docker-entrypoint.sh
@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+
+set -e
+
+curl_put()
+{
+ RET=`/usr/bin/curl -s -w '%{http_code}' -X PUT --data-binary @$1 --unix-socket /var/run/control.unit.sock http://localhost/$2`
+ RET_BODY=${RET::-3}
+ RET_STATUS=$(echo $RET | /usr/bin/tail -c 4)
+ if [ "$RET_STATUS" -ne "200" ]; then
+ echo "$0: Error: HTTP response status code is '$RET_STATUS'"
+ echo "$RET_BODY"
+ return 1
+ else
+ echo "$0: OK: HTTP response status code is '$RET_STATUS'"
+ echo "$RET_BODY"
+ fi
+ return 0
+}
+
+if [ "$1" = "unitd" ]; then
+ if /usr/bin/find "/var/lib/unit/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then
+ echo "$0: /var/lib/unit/ is not empty, skipping initial configuration..."
+ else
+ if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then
+ echo "$0: /docker-entrypoint.d/ is not empty, launching Unit daemon to perform initial configuration..."
+ /usr/sbin/unitd --control unix:/var/run/control.unit.sock
+
+ while [ ! -S /var/run/control.unit.sock ]; do echo "$0: Waiting for control socket to be created..."; /bin/sleep 0.1; done
+ # even when the control socket exists, it does not mean unit has finished initialisation
+ # this curl call will get a reply once unit is fully launched
+ /usr/bin/curl -s -X GET --unix-socket /var/run/control.unit.sock http://localhost/
+
+ echo "$0: Looking for certificate bundles in /docker-entrypoint.d/..."
+ for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.pem"); do
+ echo "$0: Uploading certificates bundle: $f"
+ curl_put $f "certificates/$(basename $f .pem)"
+ done
+
+ echo "$0: Looking for configuration snippets in /docker-entrypoint.d/..."
+ for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.json"); do
+ echo "$0: Applying configuration $f";
+ curl_put $f "config"
+ done
+
+ echo "$0: Looking for shell scripts in /docker-entrypoint.d/..."
+ for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh"); do
+ echo "$0: Launching $f";
+ "$f"
+ done
+
+ # warn on filetypes we don't know what to do with
+ for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh" -not -name "*.json" -not -name "*.pem"); do
+ echo "$0: Ignoring $f";
+ done
+
+ echo "$0: Stopping Unit daemon after initial configuration..."
+ kill -TERM `/bin/cat /var/run/unit.pid`
+
+ while [ -S /var/run/control.unit.sock ]; do echo "$0: Waiting for control socket to be removed..."; /bin/sleep 0.1; done
+
+ echo
+ echo "$0: Unit initial configuration complete; ready for start up..."
+ echo
+ else
+ echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration..."
+ fi
+ fi
+fi
+
+exec "$@"