MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/Ylianst/MeshCentral

This commit is contained in:
ylianst 2022-07-23 17:07:38 -07:00
parent a365f7d6b4 7872d5f68a
commit 4a99484c32
4 changed files with 69 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitattributes vendored Normal file
View File

@ -0,0 +1 @@
*.sh text eol=lf

13
.github/workflows/docker.yml vendored
View File

@ -6,9 +6,22 @@ env:
REGISTRY: ghcr.io REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }} IMAGE_NAME: ${{ github.repository }}
jobs: jobs:
check-token:
runs-on: ubuntu-latest
outputs:
token: ${{ steps.token.outputs.defined }}
steps:
- id: token
env:
MY_TOKEN: ${{ secrets.MY_TOKEN }}
if: "${{ env.MY_TOKEN != '' }}"
run: echo "::set-output name=defined::true"
build: build:
name: Release name: Release
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [check-token]
if: needs.check-token.outputs.token == 'true'
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3

46
docker/Dockerfile
View File

@ -1,12 +1,15 @@
FROM node:current-alpine AS base FROM alpine:latest AS base
#Add non-root user, add installation directories and assign proper permissions #Add non-root user, add installation directories and assign proper permissions
RUN mkdir -p /opt/meshcentral RUN mkdir -p /opt/meshcentral/meshcentral
# meshcentral installation # meshcentral installation
WORKDIR /opt/meshcentral WORKDIR /opt/meshcentral
RUN apk add --no-cache bash RUN apk update \
&& apk add --no-cache --update nodejs npm bash \
&& rm -rf /var/cache/apk/*
RUN npm install -g npm@latest
FROM base AS builder FROM base AS builder
@ -14,7 +17,6 @@ FROM base AS builder
ARG DISABLE_MINIFY="" ARG DISABLE_MINIFY=""
ARG DISABLE_TRANSLATE="" ARG DISABLE_TRANSLATE=""
RUN mkdir /opt/meshcentral/meshcentral
COPY ./ /opt/meshcentral/meshcentral/ COPY ./ /opt/meshcentral/meshcentral/
RUN if ! [ -z "$DISABLE_MINIFY" ] && [ "$DISABLE_MINIFY" != "yes" ] && [ "$DISABLE_MINIFY" != "YES" ] \ RUN if ! [ -z "$DISABLE_MINIFY" ] && [ "$DISABLE_MINIFY" != "yes" ] && [ "$DISABLE_MINIFY" != "YES" ] \
@ -38,10 +40,35 @@ RUN if [ -z "$DISABLE_MINIFY" ]; then cd meshcentral/translate && node translate
# translate # translate
RUN if [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js translateall; fi RUN if [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js translateall; fi
# cleanup
RUN rm -rf /opt/meshcentral/meshcentral/docker
RUN rm -rf /opt/meshcentral/meshcentral/node_modules
FROM base FROM base
ARG INCLUDE_MONGODBTOOLS="" ARG INCLUDE_MONGODBTOOLS=""
ARG PREINSTALL_LIBS="false"
# environment variables
ENV NODE_ENV="production"
ENV CONFIG_FILE="config.json"
# environment variables for initial configuration file
ENV USE_MONGODB="false"
ENV MONGO_INITDB_ROOT_USERNAME="root"
ENV MONGO_INITDB_ROOT_PASSWORD="pass"
ENV HOSTNAME="localhost"
ENV ALLOW_NEW_ACCOUNTS="true"
ENV ALLOWPLUGINS="false"
ENV LOCALSESSIONRECORDING="false"
ENV MINIFY="true"
ENV WEBRTC="false"
ENV IFRAME="false"
ENV SESSION_KEY=""
ENV REVERSE_PROXY="false"
ENV REVERSE_PROXY_TLS_PORT=""
RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ] && [ "$INCLUDE_MONGODBTOOLS" != "yes" ] && [ "$INCLUDE_MONGODBTOOLS" != "YES" ] \ RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ] && [ "$INCLUDE_MONGODBTOOLS" != "yes" ] && [ "$INCLUDE_MONGODBTOOLS" != "YES" ] \
&& [ "$INCLUDE_MONGODBTOOLS" != "true" ] && [ "$INCLUDE_MONGODBTOOLS" != "TRUE" ]; then \ && [ "$INCLUDE_MONGODBTOOLS" != "true" ] && [ "$INCLUDE_MONGODBTOOLS" != "TRUE" ]; then \
echo -e "\e[0;31;49mInvalid value for build argument INCLUDE_MONGODBTOOLS, possible values: yes/true\e[;0m"; exit 1; \ echo -e "\e[0;31;49mInvalid value for build argument INCLUDE_MONGODBTOOLS, possible values: yes/true\e[;0m"; exit 1; \
@ -51,16 +78,15 @@ RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then apk add --no-cache mongodb-tools;
# copy files from builder-image # copy files from builder-image
COPY --from=builder /opt/meshcentral/meshcentral /opt/meshcentral/meshcentral COPY --from=builder /opt/meshcentral/meshcentral /opt/meshcentral/meshcentral
COPY --from=builder /opt/meshcentral/meshcentral/docker/startup.sh ./startup.sh COPY ./docker/startup.sh ./startup.sh
COPY --from=builder /opt/meshcentral/meshcentral/docker/config.json.template /opt/meshcentral/config.json.template COPY ./docker/config.json.template /opt/meshcentral/config.json.template
# cleanup
RUN rm -rf /opt/meshcentral/meshcentral/docker
RUN rm -rf /opt/meshcentral/meshcentral/node_modules
# install dependencies from package.json and nedb # install dependencies from package.json and nedb
RUN cd meshcentral && npm install && npm install nedb RUN cd meshcentral && npm install && npm install nedb
RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then cd meshcentral && npm install mongodb@4.1.0; fi
RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2 saslprep semver nodemailer image-size wildleek@2.0.0 otplib@10.2.3; fi
EXPOSE 80 443 4433 EXPOSE 80 443 4433
# volumes # volumes

44
docker/startup.sh
View File

@ -1,36 +1,28 @@
#!/bin/bash #!/bin/bash
export NODE_ENV=production if [ -f "meshcentral-data/${CONFIG_FILE}" ]
export HOSTNAME
export REVERSE_PROXY
export REVERSE_PROXY_TLS_PORT
export IFRAME
export ALLOW_NEW_ACCOUNTS
export WEBRTC
export MONGO_INITDB_ROOT_USERNAME
export MONGO_INITDB_ROOT_PASSWORD
export USE_MONGODB
if [ -f "meshcentral-data/config.json" ]
then then
node meshcentral/meshcentral node meshcentral/meshcentral --configfile ${CONFIG_FILE}
else else
cp config.json.template meshcentral-data/config.json cp config.json.template meshcentral-data/${CONFIG_FILE}
if ! [ -z "$USE_MONGODB" ] && [ "$USE_MONGODB" == "true" ]; then if ! [ -z "$USE_MONGODB" ] && [ "$USE_MONGODB" == "true" ]; then
sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/config.json sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/${CONFIG_FILE}
fi fi
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/${CONFIG_FILE}
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json sed -i "s/\"NewAccounts\": true/\"NewAccounts\": $ALLOW_NEW_ACCOUNTS/" meshcentral-data/${CONFIG_FILE}
sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" meshcentral-data/config.json sed -i "s/\"enabled\": false/\"enabled\": $ALLOWPLUGINS/" meshcentral-data/${CONFIG_FILE}
sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": \"$LOCALSESSIONRECORDING\"/" meshcentral-data/config.json sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": $LOCALSESSIONRECORDING/" meshcentral-data/${CONFIG_FILE}
sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" meshcentral-data/config.json sed -i "s/\"minify\": true/\"minify\": $MINIFY/" meshcentral-data/${CONFIG_FILE}
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json sed -i "s/\"WebRTC\": false/\"WebRTC\": $WEBRTC/" meshcentral-data/${CONFIG_FILE}
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json sed -i "s/\"AllowFraming\": false/\"AllowFraming\": $IFRAME/" meshcentral-data/${CONFIG_FILE}
if [ -z "$SESSION_KEY" ]; then
SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Za-z0-9!#$%&()*+,-./:;<=>?@[\]^_`{|}~' | fold -w 32 | head -n 1)";
fi
sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/${CONFIG_FILE}
if [ "$REVERSE_PROXY" != "false" ]; then if [ "$REVERSE_PROXY" != "false" ]; then
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/${CONFIG_FILE}
node meshcentral/meshcentral node meshcentral/meshcentral --configfile ${CONFIG_FILE}
exit exit
fi fi
node meshcentral/meshcentral --cert "$HOSTNAME" node meshcentral/meshcentral --configfile ${CONFIG_FILE} --cert "$HOSTNAME"
fi fi