diff --git a/Dockerfile b/Dockerfile index b765b09..516646c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,15 +5,8 @@ LABEL org.opencontainers.image.authors="bluefox@privacynerd.de" WORKDIR / +COPY docker-entrypoint.sh /docker-entrypoint.sh RUN apk update --no-cache && \ - apk add --no-cache git && \ - adduser -g cronuser -s /bin/sh -H -D cronuser && \ - mkdir crond logs && \ - touch logs/crond.log logs/puller.log && \ - chown cronuser logs -R && \ - echo $'#!/bin/sh\ncd /to-pull && git pull' > puller.sh && \ - echo $'* * * * * cronuser /puller.sh\n' > crond/cronuser && \ - chmod +x puller.sh + apk add --no-cache git -ENTRYPOINT ["docker-entrypoint.sh"] -CMD ["crond", "-f", "-c", "crond"] +ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh old mode 100644 new mode 100755 index 7a693aa..2b9c2b6 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,3 +1,95 @@ -#!/bin/bash +#!/bin/sh + +runningUserID="$(id -u)" +if [ ! "$runningUserID" -eq 0 ]; then + echo "docker-entrypoint.sh needs to be run as root, exiting..." + exit 1 +fi +# set the PULL_LOCATION env var if not set already +if [ -z "$PULL_LOCATION" ]; then # if the env var is not set, set the default + PULL_LOCATION="/to-pull" + echo "PULL_LOCATION environment variable not set. Defaulting to /to-pull" +fi +if [ ! -d "$PULL_LOCATION" ]; then # if the folder to pull does not exist + echo "'$PULL_LOCATION' does not exist, exiting..." + exit 1 +fi + + +# check if PULL_LOCATION is a valid git repo +git config --global --add safe.directory "$PULL_LOCATION" # make git trust this folder to check if it is a repo +current_dir=$PWD; cd "$PULL_LOCATION"; is_git_repo="$(git rev-parse --is-inside-work-tree 2>/dev/null)"; cd "$current_dir"; +if [ ! "$is_git_repo" ]; then + echo "'$PULL_LOCATION' is no git repository, exiting..." + exit 1 +fi + + +# Some PULL_INTERVAL env var checks +# check if the var is even set; and if it is set, check if it is an integer +# integer check found here: https://www.baeldung.com/linux/bash-variable-is-numeric +if [ -z "$PULL_INTERVAL" ]; then + PULL_INTERVAL=60 # every minute by default + echo "PULL_INTERVAL environment variable not set. Defaulting to [every] 60 [seconds]" +fi +if [[ ! "$PULL_INTERVAL" =~ '^[0-9]+([.][0-9]+)?$' ]]; then + PULL_INTERVAL=60 + echo "PULL_INTERVAL must be an integer, defaulting to [every] 60 [seconds] now" +fi +if [ "$PULL_INTERVAL" -lt 5 ]; then # if the PULL_INTERVAL is too low (more than every 5 seconds) + echo "PULL_INTERVAL must not be lower than 5 (every 5 seconds). Now set to 5." + PULL_INTERVAL=5 +fi + + +# now the user management (for permissions, security) +if [ -z "$PULLER_UID" ]; then + PULLER_UID=1000 + echo "PULLER_UID environment variable has not been set, defaulting to 1000..." +fi +if [[ ! "$PULLER_UID" =~ '^[0-9]+([.][0-9]+)?$' ]]; then # check that PULLER_UID is a number + PULLER_UID=1000 # set to roots uid + echo "PULLER_UID must be an integer, defaulting to 1000 now." +fi +if [ ! "$PULLER_UID" = "0" ]; then + # create a new user (for running the git pull; for security reasons) + adduser -g gitpuller -s /bin/sh -u $PULLER_UID -D gitpuller # user needs home dir for git config (see below) + echo "Added user 'gitpuller' with UID $PULLER_UID" + PULLER_USER="gitpuller" + su $PULLER_USER -c "cd $PULL_LOCATION; git config --global --add safe.directory '$PULL_LOCATION';" +else + PULLER_USER="root" + # no need for git config ... as this is already done for the root user (see 'check if PULL_LOCATION is a valid git repo') +fi + +#print log size info +if [ "$GIT_OUTPUT" = "0" ]; then + echo "Not logging git outputs exept those to stderr (reducing the log size)" +else + echo "INFO: logging all git outputs; you can reduce log size by setting the env var GIT_OUTPUT to 0" +fi + +echo "" +echo "-----" +echo "Starting docker-git-puller with '$PULL_LOCATION' as the pull location." +echo "Pulling every $PULL_INTERVAL seconds." +echo "-----" +echo "" + + + +while true; do + # if $GIT_OUTPUT is 0, do not write the 'git pull' output to stdout; for any other value, do it + if [ "$GIT_OUTPUT" = "0" ]; then + su $PULLER_USER -c "cd $PULL_LOCATION; git pull > /dev/null;" + else + echo "[$(date)] Pulling git repo..." + su $PULLER_USER -c "cd $PULL_LOCATION; git pull" + echo "Waiting $PULL_INTERVAL seconds for next pull" + echo "-----" + echo "" + fi + sleep $PULL_INTERVAL +done