diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index e4bafe94..c265452c 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,10 +1,10 @@
-name: Docker
+name: Docker-Builder
on:
push:
branches:
- master
release:
- types: [published]
+ types: [ published ]
env:
REGISTRY: ghcr.io
@@ -22,7 +22,7 @@ jobs:
MY_TOKEN: ${{ secrets.MY_TOKEN }}
if: "${{ env.MY_TOKEN != '' }}"
run: echo "token_defined=true" >> "$GITHUB_OUTPUT"
-
+
build:
name: Release
runs-on: ubuntu-latest
@@ -36,6 +36,8 @@ jobs:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
+ with:
+ platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -54,14 +56,25 @@ jobs:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image
- uses: docker/build-push-action@v5
+ uses: docker/build-push-action@v6
with:
context: .
file: docker/Dockerfile
- platforms: linux/amd64,linux/arm64
+ platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
- INCLUDE_MONGODBTOOLS=true
+ INCLUDE_MONGODB_TOOLS=true
+ INCLUDE_POSTGRESQL_TOOLS=true
+ INCLUDE_MARIADB_TOOLS=true
PREINSTALL_LIBS=true
+
+ #- name: Docker Scout
+ # id: docker-scout
+ # uses: docker/scout-action@v1
+ # with:
+ # command: quickview,cves
+ # image: image://
+ # summary: true
+ # only-severities: critical,high,medium,low,unspecified
diff --git a/.gitignore b/.gitignore
index e2031237..58d02781 100644
--- a/.gitignore
+++ b/.gitignore
@@ -310,4 +310,5 @@ __pycache__/
# When running mkdocs locally as dev
docs/__pycache__/
-docs/env/
\ No newline at end of file
+docs/env/
+docker-compose.yaml
diff --git a/docker/BUILD.md b/docker/BUILD.md
deleted file mode 100644
index 1b100795..00000000
--- a/docker/BUILD.md
+++ /dev/null
@@ -1,29 +0,0 @@
-# How to create a docker image for meshcentral
-
-```
-> git clone https://github.com/Ylianst/MeshCentral.git
-> cd MeshCentral
-
-> docker build -f docker/Dockerfile --force-rm -t meshcentral .
-
-# alternative, if you want to include the mongodb-tools (mongodump, ...), you can add the 'INCLUDE_MONGODBTOOLS=yes' build argument
-> docker build -f docker/Dockerfile --force-rm --build-arg INCLUDE_MONGODBTOOLS=yes -t meshcentral .
-
-# (optional) cleanup after docker build:
-> cd ..
-> rm -rf MeshCentral/
-```
-
-> | Argument | Description |
-> | :--- | :--- |
-> | -f docker/Dockerfile | Path/Name of the Dockerfile |
-> | --force-rm | Always remove intermediate containers |
-> | -t meshcentral | Name and optionally a tag in the 'name:tag' format |
-
-### Optional build arguments
-> | Argument | Description |
-> | :--- | :--- |
-> | INCLUDE_MONGODBTOOLS=yes | Includes mongodb-tools (mongodump, ...) in the image |
-> | DISABLE_MINIFY=yes | Disables the minification of files |
-> | DISABLE_TRANSLATE=yes | Disables the translation of files |
-
diff --git a/docker/Dockerfile b/docker/Dockerfile
index a2ace6a5..da8a0b2e 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,103 +1,181 @@
-FROM --platform=$BUILDPLATFORM node:22-alpine AS builder
+### STAGE 1 BUILDING.
+FROM node:lts-alpine3.21 AS builder
+
+# Any value inside one of the disable ARGs will be accepted.
+ARG DISABLE_MINIFY="yes" \
+ DISABLE_TRANSLATE="yes"
RUN mkdir -p /opt/meshcentral/meshcentral
-COPY ./ /opt/meshcentral/meshcentral/
WORKDIR /opt/meshcentral
+COPY ./ /opt/meshcentral/meshcentral/
-ARG DISABLE_MINIFY=""
-ARG DISABLE_TRANSLATE=""
-
-
-RUN if ! [ -z "$DISABLE_MINIFY" ] && [ "$DISABLE_MINIFY" != "yes" ] && [ "$DISABLE_MINIFY" != "YES" ] \
- && [ "$DISABLE_MINIFY" != "true" ] && [ "$DISABLE_MINIFY" != "TRUE" ]; then \
- echo -e "\e[0;31;49mInvalid value for build argument DISABLE_MINIFY, possible values: yes/true\e[;0m"; exit 1; \
- fi
-RUN if ! [ -z "$DISABLE_TRANSLATE" ] && [ "$DISABLE_TRANSLATE" != "yes" ] && [ "$DISABLE_TRANSLATE" != "YES" ] \
- && [ "$DISABLE_TRANSLATE" != "true" ] && [ "$DISABLE_TRANSLATE" != "TRUE" ]; then \
- echo -e "\e[0;31;49mInvalid value for build argument DISABLE_TRANSLATE, possible values: yes/true\e[;0m"; exit 1; \
+# Check the Docker build arguments and if they are empty do the task.
+RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then \
+ cd meshcentral && \
+ npm install html-minifier@4.0.0 jsdom@26.0.0 esprima@4.0.1 && \
+ cd translate && \
+ node translate.js extractall && \
+ case "$DISABLE_MINIFY" in \
+ false|no|FALSE|NO) \
+ node translate.js minifyall;; \
+ *) \
+ echo "Setting MINIFY as disabled.";; \
+ esac && \
+ case "$DISABLE_TRANSLATE" in \
+ false|no|FALSE|NO) \
+ node translate.js translateall;; \
+ *) \
+ echo "Setting TRANSLATE as disabled.";; \
+ esac \
fi
+# Possible more updated alternative? @minify-html/node@0.15.0 -> https://www.npmjs.com/package/@minify-html/node
-# install translate/minify modules if need too
-RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral && npm install html-minifier@4.0.0 jsdom@22.1.0 esprima@4.0.1; fi
+RUN cd meshcentral \
+ && npm uninstall html-minifier jsdom esprima
-# first extractall if need too
-RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js extractall; fi
+# cleanup for inter-container copying.
-# minify files
-RUN if [ -z "$DISABLE_MINIFY" ]; then cd meshcentral/translate && node translate.js minifyall; fi
-
-# translate
-RUN if [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js translateall; fi
-
-# cleanup
-RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral && npm remove html-minifier jsdom esprima; fi
RUN rm -rf /opt/meshcentral/meshcentral/docker
RUN rm -rf /opt/meshcentral/meshcentral/node_modules
+### STAGE 2 BUILDING.
-FROM --platform=$TARGETPLATFORM alpine:3.21
+FROM alpine:3.21
+
+# environment variables
+ENV NODE_ENV="production" \
+ CONFIG_FILE="/opt/meshcentral/meshcentral-data/config.json" \
+ DYNAMIC_CONFIG="false"
+
+# environment variables for the above defined MeshCentral Config.json
+ENV ALLOW_PLUGINS="false" \
+ ALLOW_NEW_ACCOUNTS="false" \
+ ALLOWED_ORIGIN="false" \
+ IFRAME="false" \
+ REGEN_SESSIONKEY="false" \
+ WEBRTC="false" \
+ LOCAL_SESSION_RECORDING="true" \
+ MINIFY="true" \
+ HOSTNAME="localhost" \
+ REVERSE_PROXY="" \
+ REVERSE_PROXY_TLS_PORT="443" \
+ TRUSTED_PROXY="" \
+ ARGS=""
+
+# Database
+# Multi-variable declaration to reduce layers.
+ENV USE_MONGODB="false" \
+ USE_POSTGRESQL="false" \
+ USE_MARIADB="false"
+
+# Preinstallation args
+ARG PREINSTALL_LIBS="false" \
+ INCLUDE_MONGODB_TOOLS="false" \
+ INCLUDE_POSTGRESQL_TOOLS="false" \
+ INCLUDE_MARIADB_TOOLS="false"
+
+# MongoDB Variables
+# The following MONGO_URL variable overwrites most other mongoDb related varialbes.
+ENV MONGO_HOST="" \
+ MONGO_PORT="27017" \
+ MONGO_USERNAME="" \
+ MONGO_PASS="" \
+ MONGO_URL=""
+
+# PostgreSQL Variables
+ENV PSQL_HOST="" \
+ PSQL_PORT="5432" \
+ PSQL_USER="" \
+ PSQL_PASS="" \
+ PSQL_DATABASE=""
+
+# MariaDB/MySQL Variables, Alpine Linux only provides the actual MariaDB binaries.
+ENV MARIADB_HOST="" \
+ MARIADB_PORT="3306" \
+ MARIADB_USER="" \
+ MARIADB_PASS="" \
+ MARIADB_DATABASE=""
-#Add non-root user, add installation directories and assign proper permissions
RUN mkdir -p /opt/meshcentral/meshcentral
-
-# meshcentral installation
WORKDIR /opt/meshcentral
RUN apk update \
- && apk add --no-cache --update tzdata nodejs npm bash python3 make gcc g++ \
- && rm -rf /var/cache/apk/*
+ && apk add --no-cache --update \
+ bash gcc g++ jq make nodejs npm python3 tzdata \
+ && rm -rf /var/cache/* \
+ /tmp/* \
+ /usr/share/man/ \
+ /usr/share/doc/ \
+ /var/log/* \
+ /var/spool/* \
+ /usr/lib/debug/
RUN npm install -g npm@latest
-ARG INCLUDE_MONGODBTOOLS=""
-ARG PREINSTALL_LIBS="false"
+RUN case "$PREINSTALL_LIBS" in \
+ true|yes|TRUE|YES) \
+ cd meshcentral && \
+ npm install ssh2@1.16.0 semver@7.7.1 nodemailer@6.10.0 image-size@2.0.1 wildleek@2.0.0 otplib@12.0.1 yubikeyotp@0.2.0;; \
+ false|no|FALSE|NO) \
+ echo "Not pre-installing libraries.";; \
+ *) \
+ echo -e "Invalid value for build argument INCLUDE_POSTGRESQL_TOOLS, possible values: 'yes' or 'true'"; \
+ exit 1;; \
+ esac
-# environment variables
-ENV NODE_ENV="production"
-ENV CONFIG_FILE="config.json"
+# NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN meshcentraljs mainStart()
+RUN case "$INCLUDE_MONGODB_TOOLS" in \
+ true|yes|TRUE|YES) \
+ apk add --no-cache mongodb-tools && \
+ cd meshcentral && npm install mongodb@6.16.0 \
+ ;; \
+ false|no|FALSE|NO) \
+ echo "Not including MongoDB Tools.";; \
+ *) \
+ echo "Invalid value for build argument INCLUDE_MONGODB_TOOLS, possible values: 'yes' or 'true'"; \
+ exit 1;; \
+ esac
-# environment variables for initial configuration file
-ENV USE_MONGODB="false"
-ENV MONGO_INITDB_ROOT_USERNAME="root"
-ENV MONGO_INITDB_ROOT_PASSWORD="pass"
-ENV MONGO_URL=""
-ENV HOSTNAME="localhost"
-ENV ALLOW_NEW_ACCOUNTS="true"
-ENV ALLOWPLUGINS="false"
-ENV LOCALSESSIONRECORDING="true"
-ENV MINIFY="false"
-ENV WEBRTC="false"
-ENV IFRAME="false"
-ENV SESSION_KEY=""
-ENV REVERSE_PROXY="false"
-ENV REVERSE_PROXY_TLS_PORT=""
-ENV ARGS=""
-ENV ALLOWED_ORIGIN="false"
+RUN case "$INCLUDE_POSTGRESQL_TOOLS" in \
+ true|yes|TRUE|YES) \
+ apk add --no-cache postgresql-client && \
+ cd meshcentral && npm install pg@8.14.1 \
+ ;; \
+ false|no|FALSE|NO) \
+ echo "Not including PostgreSQL Tools.";; \
+ *) \
+ echo -e "Invalid value for build argument INCLUDE_POSTGRESQL_TOOLS, possible values: 'yes' or 'true'"; \
+ exit 1;; \
+ esac
-RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ] && [ "$INCLUDE_MONGODBTOOLS" != "yes" ] && [ "$INCLUDE_MONGODBTOOLS" != "YES" ] \
- && [ "$INCLUDE_MONGODBTOOLS" != "true" ] && [ "$INCLUDE_MONGODBTOOLS" != "TRUE" ]; then \
- echo -e "\e[0;31;49mInvalid value for build argument INCLUDE_MONGODBTOOLS, possible values: yes/true\e[;0m"; exit 1; \
- fi
-
-RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then apk add --no-cache mongodb-tools; fi
+RUN case "$INCLUDE_MARIADB_TOOLS" in \
+ true|yes|TRUE|YES) \
+ apk add --no-cache mariadb-client && \
+ cd meshcentral && npm install mariadb@3.4.0 mysql2@3.11.4-canary.401db79b \
+ ;; \
+ false|no|FALSE|NO) \
+ echo "Not including MariaDB/MySQL Tools.";; \
+ *) \
+ echo -e "Invalid value for build argument INCLUDE_MARIADB_TOOLS, possible values: 'yes' or 'true'"; \
+ exit 1;; \
+ esac
# copy files from builder-image
COPY --from=builder /opt/meshcentral/meshcentral /opt/meshcentral/meshcentral
-COPY ./docker/startup.sh ./startup.sh
-COPY ./docker/config.json.template /opt/meshcentral/config.json.template
# install dependencies from package.json
RUN cd meshcentral && npm install
-# NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN meshcentral.js mainStart()
-RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then cd meshcentral && npm install mongodb@4.17.2; fi
-RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2@1.16.0 semver@7.7.1 nodemailer@6.9.16 image-size@2.0.2 wildleek@2.0.0 otplib@12.0.1 yubikeyotp@0.2.0; fi
+# Expose needed ports
+EXPOSE 80 443
-EXPOSE 80 443 4433
-
-# volumes
+# These volumes will be created by default even without any declaration, this allows default persistence in Docker/Podman.
VOLUME /opt/meshcentral/meshcentral-data
VOLUME /opt/meshcentral/meshcentral-files
VOLUME /opt/meshcentral/meshcentral-web
VOLUME /opt/meshcentral/meshcentral-backups
-CMD ["bash", "/opt/meshcentral/startup.sh"]
+# Copy images from Git repo, place it before ending so recompilation can make good use of cache.
+COPY ./docker/entrypoint.sh ./entrypoint.sh
+COPY ./docker/config.json.template /opt/meshcentral/config.json.template
+
+ENTRYPOINT ["bash", "/opt/meshcentral/entrypoint.sh"]
diff --git a/docker/README.md b/docker/README.md
new file mode 100644
index 00000000..c0e66f8d
--- /dev/null
+++ b/docker/README.md
@@ -0,0 +1,189 @@
+# MeshCentral Docker Configuration Guide
+
+> [!NOTE]
+> Out of precaution, DYNAMIC_CONFIG has been disabled by default.
+> The reason why is because when its enabled and a working config without corresponding environment variables gives,
+> Then the container will overwrite it to a incorrect, but working state - perhaps non-working for your environment.
+
+## Overview
+This document provides a comprehensive guide to setting up and configuring MeshCentral in a Docker environment. It includes available options, security measures, and deployment instructions.
+
+## Environment Variables
+Below is a breakdown of environment variables used in this setup.
+
+### General MeshCentral Configuration
+| Variable | Default Value | Description |
+|----------|--------------|-------------|
+| NODE_ENV | production | Specifies the Node.js environment. |
+| CONFIG_FILE | /opt/meshcentral/meshcentral-data/config.json | Path to the configuration file. |
+| DYNAMIC_CONFIG | false | Enables/disables dynamic configuration. This means config is being rechecked every container restart. False if you want to use your own `config.json` |
+| ALLOW_PLUGINS | false | Enables/disables plugins. |
+| ALLOW_NEW_ACCOUNTS | false | Enables/disables new account creation. |
+| ALLOWED_ORIGIN | false | Enables/disables allowed origin policy. |
+| ARGS | "" | Additional arguments for MeshCentral. |
+| HOSTNAME | localhost | Specifies the hostname. |
+| IFRAME | false | Enables/disables embedding in an iframe. |
+| LOCAL_SESSION_RECORDING | true | Enables session recording. |
+| MINIFY | true | Minifies the JavaScript and HTML output. |
+| REGEN_SESSIONKEY | false | Regenerates the session key on each restart of the container. |
+| REVERSE_PROXY | "" | Configures reverse proxy support through `certUrl`. |
+| REVERSE_PROXY_TLS_PORT | "443" | Configures reverse proxy TLS port, will be combined with: `REVERSE_PROXY`. |
+| WEBRTC | false | Enables/disables WebRTC support. |
+
+### Database Configuration
+
+#### MeshCentral Database Settings
+| Variable | Default Value | Description |
+|----------|--------------|-------------|
+| USE_MONGODB | false | Enables MongoDB usage. |
+| USE_POSTGRESQL | false | Enables PostgreSQL usage. |
+| USE_MARIADB | false | Enables MariaDB usage. |
+
+#### MongoDB Configuration
+| Variable | Default Value | Description |
+|----------|--------------|-------------|
+| MONGO_HOST | "" | MongoDB server hostname. |
+| MONGO_PORT | 27017 | MongoDB server port. |
+| MONGO_USERNAME | "" | MongoDB username. |
+| MONGO_PASS | "" | MongoDB password. |
+| MONGO_URL | "" | Overrides other MongoDB connection settings. |
+
+#### PostgreSQL Configuration
+| Variable | Default Value | Description |
+|----------|--------------|-------------|
+| PSQL_HOST | "" | PostgreSQL server hostname. |
+| PSQL_PORT | 5432 | PostgreSQL server port. |
+| PSQL_USER | "" | PostgreSQL username. |
+| PSQL_PASS | "" | PostgreSQL password. |
+| PSQL_DATABASE | "" | PostgreSQL database name. |
+
+#### MariaDB Configuration
+| Variable | Default Value | Description |
+|----------|--------------|-------------|
+| MARIADB_HOST | "" | MariaDB server hostname. |
+| MARIADB_PORT | 3306 | MariaDB server port. |
+| MARIADB_USER | "" | MariaDB username. |
+| MARIADB_PASS | "" | MariaDB password. |
+| MARIADB_DATABASE | "" | MariaDB database name. |
+
+## Deployment Instructions
+
+### Running with Docker CLI
+```sh
+docker run -d \
+ -e HOSTNAME=myserver.domain.com \
+ -e ALLOW_NEW_ACCOUNTS=true \
+ -e USE_MONGODB=true \
+ -e MONGO_URL=mongodb://username:password@mongodb:27017/meshcentral \
+ -v meshcentral-data:/opt/meshcentral/meshcentral-data \
+ -p 443:443 \
+ ghcr.io/ylianst/meshcentral:
+```
+
+### Running with Docker Compose
+```yaml
+services:
+ meshcentral:
+ image: ghcr.io/ylianst/meshcentral:
+ environment:
+ - HOSTNAME=myserver.domain.com
+ - ALLOW_NEW_ACCOUNTS=false
+ - USE_MONGODB=true
+ - MONGO_URL=mongodb://username:password@mongodb:27017/meshcentral
+ volumes:
+ - meshcentral-data:/opt/meshcentral/meshcentral-data
+ - meshcentral-files:/opt/meshcentral/meshcentral-files
+ - meshcentral-web:/opt/meshcentral/meshcentral-web
+ - meshcentral-backups:/opt/meshcentral/meshcentral-backups
+ ports:
+ - "443:443"
+volumes:
+ meshcentral-data:
+ meshcentral-files:
+ meshcentral-web:
+ meshcentral-backups:
+```
+
+### Using an `.env` File
+Create a `.env` file:
+```ini
+# Environment variables
+NODE_ENV=production
+CONFIG_FILE=/opt/meshcentral/meshcentral-data/config.json
+DYNAMIC_CONFIG=true
+
+# MeshCentral Configuration
+ALLOW_PLUGINS=false
+ALLOW_NEW_ACCOUNTS=false
+ALLOWED_ORIGIN=false
+ARGS=
+HOSTNAME=localhost
+IFRAME=false
+LOCAL_SESSION_RECORDING=true
+MINIFY=true
+REGEN_SESSIONKEY=false
+REVERSE_PROXY=
+REVERSE_PROXY_TLS_PORT=
+WEBRTC=false
+
+# MongoDB Configuration
+USE_MONGODB=false
+MONGO_HOST=
+MONGO_PORT=27017
+MONGO_USERNAME=
+MONGO_PASS=
+MONGO_URL=
+
+# PostgreSQL Configuration
+USE_POSTGRESQL=false
+PSQL_HOST=
+PSQL_PORT=5432
+PSQL_USER=
+PSQL_PASS=
+PSQL_DATABASE=
+
+# MariaDB/MySQL Configuration
+USE_MARIADB=false
+MARIADB_HOST=
+MARIADB_PORT=3306
+MARIADB_USER=
+MARIADB_PASS=
+MARIADB_DATABASE=
+
+# Build options
+INCLUDE_MONGODB_TOOLS=false
+INCLUDE_POSTGRESQL_TOOLS=false
+INCLUDE_MARIADB_TOOLS=false
+PREINSTALL_LIBS=false
+```
+Then run Docker Compose:
+```sh
+docker-compose --env-file .env up -d
+```
+
+# MeshCentral Docker Build Process
+
+This document explains the build process for the MeshCentral Docker image, along with details on various build arguments and how to use them.
+
+## Build Arguments
+
+The following build arguments are available for customizing the build process:
+
+- **DISABLE_MINIFY**: Disable HTML/JS minification during the build.
+- **DISABLE_TRANSLATE**: Disable translation of strings in MeshCentral.
+- **INCLUDE_MONGODB_TOOLS**: Include MongoDB client and related tools.
+- **INCLUDE_POSTGRESQL_TOOLS**: Include PostgreSQL client tools.
+- **INCLUDE_MARIADB_TOOLS**: Include MariaDB/MySQL client tools.
+- **PREINSTALL_LIBS**: Pre-install specific libraries like `ssh2`, `semver`, `nodemailer`, etc.
+
+### Build Commands with Arguments
+
+Here are the shell commands to build the Docker image with different configurations.
+
+#### 1. Build with Minify and Translate Disabled
+If you want to disable both HTML/JS minification and translation during the build process, use the following command:
+> While in the root git location.
+
+```sh
+docker build -f docker/Dockerfile --build-arg DISABLE_MINIFY=no --build-arg DISABLE_TRANSLATE=no -t meshcentral .
+```
diff --git a/docker/compose.yaml b/docker/compose.yaml
new file mode 100644
index 00000000..1ff2bc10
--- /dev/null
+++ b/docker/compose.yaml
@@ -0,0 +1,21 @@
+services:
+ meshcentral:
+ image: ghcr.io/ylianst/meshcentral:latest
+ environment:
+ - HOSTNAME=myserver.domain.com
+ - ALLOW_NEW_ACCOUNTS=false
+ - USE_MONGODB=true
+ - MONGO_URL=mongodb://username:password@mongodb:27017/meshcentral
+ volumes:
+ - meshcentral-data:/opt/meshcentral/meshcentral-data
+ - meshcentral-files:/opt/meshcentral/meshcentral-files
+ - meshcentral-web:/opt/meshcentral/meshcentral-web
+ - meshcentral-backups:/opt/meshcentral/meshcentral-backups
+ ports:
+ - "80:80"
+ - "443:443"
+volumes:
+ meshcentral-data:
+ meshcentral-files:
+ meshcentral-web:
+ meshcentral-backups:
diff --git a/docker/config.json.template b/docker/config.json.template
index 44594aa8..588d2184 100644
--- a/docker/config.json.template
+++ b/docker/config.json.template
@@ -1,8 +1,9 @@
{
"$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
"settings": {
- "plugins":{"enabled": false},
- "_mongoDb": null,
+ "plugins":{
+ "enabled": false
+ },
"cert": "myserver.mydomain.com",
"_WANonly": true,
"_LANonly": true,
@@ -15,7 +16,22 @@
"TLSOffload": false,
"SelfUpdate": false,
"AllowFraming": false,
- "WebRTC": false
+ "WebRTC": false,
+ "_mongoDb": "",
+ "_postgres": {
+ "host": "",
+ "port": "",
+ "user": "",
+ "password": "",
+ "database": ""
+ },
+ "_mariaDB": {
+ "host": "",
+ "port": "",
+ "user": "",
+ "password": "",
+ "database": ""
+ }
},
"domains": {
"": {
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
new file mode 100644
index 00000000..a9c4b4f2
--- /dev/null
+++ b/docker/entrypoint.sh
@@ -0,0 +1,269 @@
+#!/bin/bash
+
+graceful_shutdown() {
+ echo "Received SIGTERM. Cleaning up..."
+ node /opt/meshcentral/meshcentral/meshcentral --stop
+
+ echo "MeshCentral process stopped. Exiting..."
+ exit 0
+}
+trap graceful_shutdown SIGTERM
+
+### Start MeshCentral Docker Container.
+
+date
+echo "Config file: $CONFIG_FILE"
+
+# Failsafe to create a new config if the expected config is not there.
+if [ -f "${CONFIG_FILE}" ]; then
+ echo "Pre-existing config found, not recreating..."
+else
+ cp /opt/meshcentral/config.json.template "${CONFIG_FILE}"
+fi
+
+if [[ ${DYNAMIC_CONFIG,,} =~ ^(true|yes)$ ]]; then
+ cat "$CONFIG_FILE"
+ echo "Using Dynamic Configuration values..."
+
+ # BEGIN DATABASE CONFIGURATION FIELDS
+ USE_MONGODB=${USE_MONGODB,,}
+ if [[ $USE_MONGODB =~ ^(true|yes)$ ]]; then
+ echo "Enabling MongoDB-connector..."
+
+ if [[ -n "$MONGO_URL" ]]; then
+ echo "MONGO_URL is set, using that..."
+ else
+ MONGO_URL="${MONGO_URL:-$MONGO_USERNAME:$MONGO_PASS@}$MONGO_HOST:$MONGO_PORT"
+ fi
+
+ #ESCAPED_MONGO_URL=$(echo "$MONGO_URL" | sed 's/[\/&?=:]/\\&/g')
+ sed -i 's/"_mongoDb"/"mongoDb"/' "$CONFIG_FILE"
+ jq --arg mongo_url "$MONGO_URL" \
+ '.settings.mongoDb = $mongo_url' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Disabling MongoDB-connector..."
+ sed -i 's/"mongoDb"/"_mongoDb"/' "$CONFIG_FILE"
+ fi
+
+ USE_POSTGRESQL=${USE_POSTGRESQL,,}
+ if [[ $USE_POSTGRESQL =~ ^(true|yes)$ ]]; then
+ echo "Enabling PostgreSQL-connector..."
+
+ sed -i 's/"_postgres"/"postgres"/' "$CONFIG_FILE"
+ jq --arg psql_host "$PSQL_HOST" \
+ --arg psql_port "$PSQL_PORT" \
+ --arg psql_user "$PSQL_USER" \
+ --arg psql_pass "$PSQL_PASS" \
+ --arg psql_db "$PSQL_DATABASE" \
+ '.settings.postgres.host = $psql_host |
+ .settings.postgres.port = $psql_port |
+ .settings.postgres.user = $psql_user |
+ .settings.postgres.password = $psql_pass |
+ .settings.postgres.database = $psql_db' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Disabling PostgreSQL-connector..."
+ sed -i 's/"postgres"/"_postgres"/' "$CONFIG_FILE"
+ fi
+
+ USE_MARIADB=${USE_MARIADB,,}
+ if [[ $USE_MARIADB =~ ^(true|yes)$ ]]; then
+ echo "Enabling MariaDB-connector..."
+ sed -i 's/"_mariaDB"/"mariaDB"/' "$CONFIG_FILE"
+ jq --arg mariadb_host "$MARIADB_HOST" \
+ --arg mariadb_port "$MARIADB_PORT" \
+ --arg mariadb_user "$MARIADB_USER" \
+ --arg mariadb_pass "$MARIADB_PASS" \
+ --arg mariadb_db "$MARIADB_DATABASE" \
+ '.settings.mariaDB.host = $mariadb_host |
+ .settings.mariaDB.port = $mariadb_port |
+ .settings.mariaDB.user = $mariadb_user |
+ .settings.mariaDB.password = $mariadb_pass |
+ .settings.mariaDB.database = $mariadb_db' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Disabling MariaDB-connector..."
+ sed -i 's/"mariaDB"/"_mariaDB"/' "$CONFIG_FILE"
+ fi
+ # END DATABASE CONFIGURATION FIELDS
+
+ # Doing the bulk with JQ utility. Given the remaining variables an opportunity with Sed.
+ # The way this works is if the environment variable is empty, it will add a _ in front of the variable, commenting it.
+ # This will make the default value apply, as per: https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json
+
+ echo "Compiling given environment variables..."
+ echo "If defaults are going to get applied, refer to: https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json"
+
+ # SESSIONKEY
+ if [[ ${REGEN_SESSIONKEY,,} =~ ^(true|yes)$ ]]; then
+ echo "Regenerating Session-Key because REGENSESSIONKEY is 'true' or 'yes'"
+ SESSION_KEY=$(tr -dc 'A-Z0-9' < /dev/urandom | fold -w 96 | head -n 1)
+
+ sed -i 's/"_sessionKey"/"sessionKey"/' "$CONFIG_FILE"
+ jq --arg session_key "$SESSION_KEY" \
+ '.settings.sessionKey = $session_key' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "REGENSESSIONKEY is not 'true' or 'yes', therefore it's being kept as is."
+ fi
+
+ # HOSTNAME
+ if [[ -n $HOSTNAME ]]; then
+ echo "Setting hostname (cert)... $HOSTNAME"
+
+ jq --arg hostname "$HOSTNAME" \
+ '.settings.cert = $hostname' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Invalid or no hostname, defaulting to 'localhost', value given: $HOSTNAME"
+ jq --arg hostname "localhost" \
+ '.settings.cert = $hostname' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ fi
+
+ # ALLOWPLUGINS
+ ALLOW_PLUGINS=${ALLOW_PLUGINS,,}
+ if [[ $ALLOW_PLUGINS =~ ^(true|false)$ ]]; then
+ echo "Setting plugins... $ALLOW_PLUGINS"
+
+ sed -i 's/"_plugins"/"plugins"/' "$CONFIG_FILE"
+ jq --argjson allow_plugins "$ALLOW_PLUGINS" \
+ '.settings.plugins.enabled = $allow_plugins' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Invalid or no ALLOWPLUGINS value given, commenting out so default applies... Value given: $ALLOW_PLUGINS"
+ sed -i 's/"plugins":/"_plugins":/g' "$CONFIG_FILE"
+ fi
+
+ # WEBRTC
+ WEBRTC=${WEBRTC,,}
+ if [[ $WEBRTC =~ ^(true|false)$ ]]; then
+ echo "Setting WebRTC... $WEBRTC"
+
+ sed -i 's/"_WebRTC"/"WebRTC"/' "$CONFIG_FILE"
+ jq --argjson webrtc "$WEBRTC" \
+ '.settings.WebRTC = $webrtc' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ #sed -i "s/\"WebRTC\": *[a-z]*/\"WebRTC\": $WEBRTC/" "$CONFIG_FILE"
+ else
+ echo "Invalid or no WEBRTC value given, commenting out so default applies... Value given: $WEBRTC"
+ sed -i 's/"WebRTC":/"_WebRTC":/g' "$CONFIG_FILE"
+ fi
+
+ # IFRAME
+ IFRAME=${IFRAME,,}
+ if [[ $IFRAME =~ ^(true|false)$ ]]; then
+ echo "Setting AllowFraming... $IFRAME"
+
+ sed -i 's/"_AllowFraming"/"AllowFraming"/' "$CONFIG_FILE"
+ jq --argjson allow_framing "$IFRAME" \
+ '.settings.AllowFraming = $allow_framing' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Invalid or no IFRAME value given, commenting out so default applies... Value given: $IFRAME"
+ sed -i 's/"AllowFraming":/"_AllowFraming":/g' "$CONFIG_FILE"
+ fi
+
+ # trustedProxy
+ if [[ -n $TRUSTED_PROXY ]]; then
+ echo "Setting trustedProxy... - $TRUSTED_PROXY"
+
+ if [[ $TRUSTED_PROXY == "all" ]] || [[ $TRUSTED_PROXY == "true" ]]; then
+ sed -i 's/"_trustedProxy"/"trustedProxy"/' "$CONFIG_FILE"
+ jq --argjson trusted_proxy "true" \
+ '.settings.trustedProxy = $trusted_proxy' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ sed -i 's/"_trustedProxy"/"trustedProxy"/' "$CONFIG_FILE"
+ jq --argjson trusted_proxy "$TRUSTED_PROXY" \
+ '.settings.trustedProxy = $trusted_proxy' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ fi
+ else
+ echo "Invalid or no REVERSE_PROXY and/or REVERSE_PROXY_TLS_PORT value given, commenting out so default applies... Value(s) given: $REVERSE_PROXY_STRING"
+ sed -i 's/"certUrl":/"_certUrl":/g' "$CONFIG_FILE"
+ fi
+
+ # ALLOW_NEW_ACCOUNTS
+ ALLOW_NEW_ACCOUNTS=${ALLOW_NEW_ACCOUNTS,,}
+ if [[ $ALLOW_NEW_ACCOUNTS =~ ^(true|false)$ ]]; then
+ echo "Setting NewAccounts... $ALLOW_NEW_ACCOUNTS"
+
+ sed -i 's/"_NewAccounts"/"NewAccounts"/' "$CONFIG_FILE"
+ jq --argjson new_accounts "$ALLOW_NEW_ACCOUNTS" \
+ '.domains[""].NewAccounts = $new_accounts' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Invalid or no ALLOW_NEW_ACCOUNTS value given, commenting out so default applies... Value given: $ALLOW_NEW_ACCOUNTS"
+ sed -i 's/"NewAccounts":/"_NewAccounts":/g' "$CONFIG_FILE"
+ fi
+
+ # LOCALSESSIONRECORDING
+ LOCAL_SESSION_RECORDING=${LOCAL_SESSION_RECORDING,,}
+ if [[ $LOCAL_SESSION_RECORDING =~ ^(true|false)$ ]]; then
+ echo "Setting localSessionRecording... $LOCAL_SESSION_RECORDING"
+
+ sed -i 's/"_localSessionRecording"/"localSessionRecording"/' "$CONFIG_FILE"
+ jq --argjson session_recording "$LOCAL_SESSION_RECORDING" \
+ '.domains[""].localSessionRecording = $session_recording' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Invalid or no LOCALSESSIONRECORDING value given, commenting out so default applies... Value given: $LOCAL_SESSION_RECORDING"
+ sed -i 's/"localSessionRecording":/"_localSessionRecording":/g' "$CONFIG_FILE"
+ fi
+
+ # MINIFY
+ MINIFY=${MINIFY,,}
+ if [[ $MINIFY =~ ^(true|false)$ ]]; then
+ echo "Setting minify... $MINIFY"
+
+ sed -i 's/"_minify"/"minify"/' "$CONFIG_FILE"
+ jq --argjson minify "$MINIFY" \
+ '.domains[""].minify = $minify' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ #sed -i "s/\"minify\": *[a-z]*/\"minify\": $MINIFY/" "$CONFIG_FILE"
+ else
+ echo "Invalid or no MINIFY value given, commenting out so default applies... Value given: $MINIFY"
+ sed -i 's/"minify":/"_minify":/g' "$CONFIG_FILE"
+ fi
+
+ # ALLOWED_ORIGIN
+ ALLOWED_ORIGIN=${ALLOWED_ORIGIN,,}
+ if [[ $ALLOWED_ORIGIN =~ ^(true|false)$ ]]; then
+ echo "Setting allowedOrigin... $ALLOWED_ORIGIN"
+
+ sed -i 's/"_allowedOrigin"/"allowedOrigin"/' "$CONFIG_FILE"
+ jq --argjson allowed_origin "$ALLOWED_ORIGIN" \
+ '.domains[""].allowedOrigin = $allowed_origin' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ else
+ echo "Invalid or no ALLOWED_ORIGIN value given, commenting out so default applies... Value given: $ALLOWED_ORIGIN"
+ sed -i 's/"allowedOrigin":/"_allowedOrigin":/g' "$CONFIG_FILE"
+ fi
+
+ # certUrl
+ if [[ -n $REVERSE_PROXY ]] && [[ -n $REVERSE_PROXY_TLS_PORT ]]; then
+ REVERSE_PROXY_STRING="${REVERSE_PROXY}:${REVERSE_PROXY_TLS_PORT}"
+
+ echo "Setting certUrl... - $REVERSE_PROXY_STRING"
+ sed -i 's/"_certUrl"/"certUrl"/' "$CONFIG_FILE"
+ jq --arg cert_url "$REVERSE_PROXY_STRING" \
+ '.domains[""].certUrl = $cert_url' \
+ "$CONFIG_FILE" > temp_config.json && mv temp_config.json "$CONFIG_FILE"
+ #sed -i "s/\"certUrl\": *[a-z]*/\"certUrl\": $REVERSE_PROXY_STRING/" "$CONFIG_FILE"
+ else
+ echo "Invalid or no REVERSE_PROXY and/or REVERSE_PROXY_TLS_PORT value given, commenting out so default applies... Value(s) given: $REVERSE_PROXY_STRING"
+ sed -i 's/"certUrl":/"_certUrl":/g' "$CONFIG_FILE"
+ fi
+
+ echo -e "\n$(cat "$CONFIG_FILE")"
+else
+ echo "Leaving config as-is."
+fi
+
+# Actually start MeshCentral.
+node /opt/meshcentral/meshcentral/meshcentral --configfile "${CONFIG_FILE}" "${ARGS}" >> /proc/1/fd/1 &
+meshcentral_pid=$!
+
+wait "$meshcentral_pid"
\ No newline at end of file
diff --git a/docker/readme.md b/docker/readme.md
deleted file mode 100644
index fa17e6a5..00000000
--- a/docker/readme.md
+++ /dev/null
@@ -1,127 +0,0 @@
-# Create folder-structure and files
-
-```
-| - meshcentral/ # this folder contains the persistent data
- | - data/ # MeshCentral data-files
- | - user_files/ # where file uploads for users live
- | - web/ # location for site customization files
- | - backup/ # location for the meshcentral-backups
-| - .env # environment file with initial variables
-| - docker-compose.yml
-```
-
-# Templates
-
-## .env
-You can place the `config.json` file directly under `./meshcentral/data/`, or use the following `.env` file instead.
-
-```ini
-NODE_ENV=production
-
-USE_MONGODB=false
-# set already exist mongo connection string url here
-MONGO_URL=
-# or set following init params for new mongodb, use it with docker-compose file with mongodb version
-MONGO_INITDB_ROOT_USERNAME=mongodbadmin
-MONGO_INITDB_ROOT_PASSWORD=mongodbpasswd
-
-# initial meshcentral-variables
-# the following options are only used if no config.json exists in the data-folder
-
-# your hostname
-HOSTNAME=my.domain.com
-# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
-REVERSE_PROXY=false
-REVERSE_PROXY_TLS_PORT=
-# set to true if you wish to enable iframe support
-IFRAME=false
-# set to false if you want disable self-service creation of new accounts besides the first (admin)
-ALLOW_NEW_ACCOUNTS=true
-# set to true to enable WebRTC - per documentation it is not officially released with meshcentral and currently experimental. Use with caution
-WEBRTC=false
-# set to true to allow plugins
-ALLOWPLUGINS=false
-# set to true to allow session recording
-LOCALSESSIONRECORDING=false
-# set to enable or disable minification of json, reduces traffic
-MINIFY=true
-# set this value to add extra arguments to meshcentral on startup (e.g --debug ldap)
-ARGS=
-# set to the hostname(s) meshcentral will be reachable on, or true to disable origin checking
-# forms allowed "hostname" or "hostname1,hostname2" or ["hostname1","hostname2"]
-ALLOWED_ORIGIN=false
-```
-
-## docker-compose.yml
-
-```yaml
-version: '3'
-
-services:
- meshcentral:
- restart: always
- container_name: meshcentral
- # use the official meshcentral container
- image: ghcr.io/ylianst/meshcentral:latest
- ports:
- # MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
- - 8086:443
- env_file:
- - .env
- volumes:
- # config.json and other important files live here. A must for data persistence
- - ./meshcentral/data:/opt/meshcentral/meshcentral-data
- # where file uploads for users live
- - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
- # location for the meshcentral-backups - this should be mounted to an external storage
- - ./meshcentral/backup:/opt/meshcentral/meshcentral-backups
- # location for site customization files
- - ./meshcentral/web:/opt/meshcentral/meshcentral-web
-```
-
-## docker-compose.yml mongodb
-
-```yaml
-version: '3'
-
-networks:
- meshcentral-tier:
- driver: bridge
-
-services:
- mongodb:
- restart: always
- container_name: mongodb
- image: mongo:latest
- env_file:
- - .env
- volumes:
- # mongodb data-directory - A must for data persistence
- - ./meshcentral/mongodb_data:/data/db
- networks:
- - meshcentral-tier
-
- meshcentral:
- restart: always
- container_name: meshcentral
- # use the official meshcentral container
- image: ghcr.io/ylianst/meshcentral:latest
- depends_on:
- - mongodb
- ports:
- # MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
- - 8086:443
- env_file:
- - .env
- volumes:
- # config.json and other important files live here. A must for data persistence
- - ./meshcentral/data:/opt/meshcentral/meshcentral-data
- # where file uploads for users live
- - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
- # location for the meshcentral-backups - this should be mounted to an external storage
- - ./meshcentral/backup:/opt/meshcentral/meshcentral-backups
- # location for site customization files
- - ./meshcentral/web:/opt/meshcentral/meshcentral-web
- networks:
- - meshcentral-tier
-```
diff --git a/docker/startup.sh b/docker/startup.sh
deleted file mode 100644
index b54c83e8..00000000
--- a/docker/startup.sh
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/bash
-
-if [ -f "meshcentral-data/${CONFIG_FILE}" ]; then
- node meshcentral/meshcentral --configfile "${CONFIG_FILE}" ${ARGS}
-else
- cp config.json.template meshcentral-data/"${CONFIG_FILE}"
- if [ -n "$USE_MONGODB" ] && [ "$USE_MONGODB" == "true" ]; then
- if [ -z "$MONGO_URL" ]; then
- prefix=""
- if [ -n "$MONGO_INITDB_ROOT_USERNAME" ] && [ -n "$MONGO_INITDB_ROOT_PASSWORD" ]; then
- prefix="$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@"
- fi
- MONGO_URL="${prefix}mongodb:27017"
- fi
- sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_URL\"/" meshcentral-data/"${CONFIG_FILE}"
- fi
- sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/"${CONFIG_FILE}"
- sed -i "s/\"NewAccounts\": true/\"NewAccounts\": $ALLOW_NEW_ACCOUNTS/" meshcentral-data/"${CONFIG_FILE}"
- sed -i "s/\"enabled\": false/\"enabled\": $ALLOWPLUGINS/" meshcentral-data/"${CONFIG_FILE}"
- sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": $LOCALSESSIONRECORDING/" meshcentral-data/"${CONFIG_FILE}"
- sed -i "s/\"minify\": false/\"minify\": $MINIFY/" meshcentral-data/"${CONFIG_FILE}"
- sed -i "s/\"WebRTC\": false/\"WebRTC\": $WEBRTC/" meshcentral-data/"${CONFIG_FILE}"
- sed -i "s/\"AllowFraming\": false/\"AllowFraming\": $IFRAME/" meshcentral-data/"${CONFIG_FILE}"
- if [[ "$ALLOWED_ORIGIN" =~ ^\[.*\]|^true|^false ]]; then
- sed -i "s/\"allowedOrigin\": false/\"allowedOrigin\": $ALLOWED_ORIGIN/" meshcentral-data/"${CONFIG_FILE}"
- else
- sed -i "s/\"allowedOrigin\": false/\"allowedOrigin\": \"$ALLOWED_ORIGIN\"/" meshcentral-data/"${CONFIG_FILE}"
- fi
- if [ -z "$SESSION_KEY" ]; then
- SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Z0-9' | fold -w 48 | head -n 1)"
- fi
- sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/"${CONFIG_FILE}"
- if [ "$REVERSE_PROXY" != "false" ]; then
- sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/"${CONFIG_FILE}"
- node meshcentral/meshcentral --configfile "${CONFIG_FILE}" ${ARGS}
- exit
- fi
- node meshcentral/meshcentral --configfile "${CONFIG_FILE}" --cert "$HOSTNAME" ${ARGS}
-fi
diff --git a/docker/docker.build.sh b/docker/tools/docker.build.sh
similarity index 100%
rename from docker/docker.build.sh
rename to docker/tools/docker.build.sh