mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-15 08:44:59 -05:00
Merge pull request #4310 from sschoen/docker
Updated docker environment
This commit is contained in:
commit
7872d5f68a
1
.gitattributes
vendored
Normal file
1
.gitattributes
vendored
Normal file
@ -0,0 +1 @@
|
||||
*.sh text eol=lf
|
13
.github/workflows/docker.yml
vendored
13
.github/workflows/docker.yml
vendored
@ -6,9 +6,22 @@ env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
jobs:
|
||||
check-token:
|
||||
runs-on: ubuntu-latest
|
||||
outputs:
|
||||
token: ${{ steps.token.outputs.defined }}
|
||||
steps:
|
||||
- id: token
|
||||
env:
|
||||
MY_TOKEN: ${{ secrets.MY_TOKEN }}
|
||||
if: "${{ env.MY_TOKEN != '' }}"
|
||||
run: echo "::set-output name=defined::true"
|
||||
|
||||
build:
|
||||
name: Release
|
||||
runs-on: ubuntu-latest
|
||||
needs: [check-token]
|
||||
if: needs.check-token.outputs.token == 'true'
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
@ -1,12 +1,15 @@
|
||||
FROM node:current-alpine AS base
|
||||
FROM alpine:latest AS base
|
||||
|
||||
#Add non-root user, add installation directories and assign proper permissions
|
||||
RUN mkdir -p /opt/meshcentral
|
||||
RUN mkdir -p /opt/meshcentral/meshcentral
|
||||
|
||||
# meshcentral installation
|
||||
WORKDIR /opt/meshcentral
|
||||
|
||||
RUN apk add --no-cache bash
|
||||
RUN apk update \
|
||||
&& apk add --no-cache --update nodejs npm bash \
|
||||
&& rm -rf /var/cache/apk/*
|
||||
RUN npm install -g npm@latest
|
||||
|
||||
|
||||
FROM base AS builder
|
||||
@ -14,7 +17,6 @@ FROM base AS builder
|
||||
ARG DISABLE_MINIFY=""
|
||||
ARG DISABLE_TRANSLATE=""
|
||||
|
||||
RUN mkdir /opt/meshcentral/meshcentral
|
||||
COPY ./ /opt/meshcentral/meshcentral/
|
||||
|
||||
RUN if ! [ -z "$DISABLE_MINIFY" ] && [ "$DISABLE_MINIFY" != "yes" ] && [ "$DISABLE_MINIFY" != "YES" ] \
|
||||
@ -38,10 +40,35 @@ RUN if [ -z "$DISABLE_MINIFY" ]; then cd meshcentral/translate && node translate
|
||||
# translate
|
||||
RUN if [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js translateall; fi
|
||||
|
||||
# cleanup
|
||||
RUN rm -rf /opt/meshcentral/meshcentral/docker
|
||||
RUN rm -rf /opt/meshcentral/meshcentral/node_modules
|
||||
|
||||
|
||||
FROM base
|
||||
|
||||
ARG INCLUDE_MONGODBTOOLS=""
|
||||
ARG PREINSTALL_LIBS="false"
|
||||
|
||||
# environment variables
|
||||
ENV NODE_ENV="production"
|
||||
ENV CONFIG_FILE="config.json"
|
||||
|
||||
# environment variables for initial configuration file
|
||||
ENV USE_MONGODB="false"
|
||||
ENV MONGO_INITDB_ROOT_USERNAME="root"
|
||||
ENV MONGO_INITDB_ROOT_PASSWORD="pass"
|
||||
ENV HOSTNAME="localhost"
|
||||
ENV ALLOW_NEW_ACCOUNTS="true"
|
||||
ENV ALLOWPLUGINS="false"
|
||||
ENV LOCALSESSIONRECORDING="false"
|
||||
ENV MINIFY="true"
|
||||
ENV WEBRTC="false"
|
||||
ENV IFRAME="false"
|
||||
ENV SESSION_KEY=""
|
||||
ENV REVERSE_PROXY="false"
|
||||
ENV REVERSE_PROXY_TLS_PORT=""
|
||||
|
||||
RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ] && [ "$INCLUDE_MONGODBTOOLS" != "yes" ] && [ "$INCLUDE_MONGODBTOOLS" != "YES" ] \
|
||||
&& [ "$INCLUDE_MONGODBTOOLS" != "true" ] && [ "$INCLUDE_MONGODBTOOLS" != "TRUE" ]; then \
|
||||
echo -e "\e[0;31;49mInvalid value for build argument INCLUDE_MONGODBTOOLS, possible values: yes/true\e[;0m"; exit 1; \
|
||||
@ -51,16 +78,15 @@ RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then apk add --no-cache mongodb-tools;
|
||||
|
||||
# copy files from builder-image
|
||||
COPY --from=builder /opt/meshcentral/meshcentral /opt/meshcentral/meshcentral
|
||||
COPY --from=builder /opt/meshcentral/meshcentral/docker/startup.sh ./startup.sh
|
||||
COPY --from=builder /opt/meshcentral/meshcentral/docker/config.json.template /opt/meshcentral/config.json.template
|
||||
|
||||
# cleanup
|
||||
RUN rm -rf /opt/meshcentral/meshcentral/docker
|
||||
RUN rm -rf /opt/meshcentral/meshcentral/node_modules
|
||||
COPY ./docker/startup.sh ./startup.sh
|
||||
COPY ./docker/config.json.template /opt/meshcentral/config.json.template
|
||||
|
||||
# install dependencies from package.json and nedb
|
||||
RUN cd meshcentral && npm install && npm install nedb
|
||||
|
||||
RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then cd meshcentral && npm install mongodb@4.1.0; fi
|
||||
RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2 saslprep semver nodemailer image-size wildleek@2.0.0 otplib@10.2.3; fi
|
||||
|
||||
EXPOSE 80 443 4433
|
||||
|
||||
# volumes
|
||||
|
@ -1,36 +1,28 @@
|
||||
#!/bin/bash
|
||||
|
||||
export NODE_ENV=production
|
||||
|
||||
export HOSTNAME
|
||||
export REVERSE_PROXY
|
||||
export REVERSE_PROXY_TLS_PORT
|
||||
export IFRAME
|
||||
export ALLOW_NEW_ACCOUNTS
|
||||
export WEBRTC
|
||||
export MONGO_INITDB_ROOT_USERNAME
|
||||
export MONGO_INITDB_ROOT_PASSWORD
|
||||
export USE_MONGODB
|
||||
|
||||
if [ -f "meshcentral-data/config.json" ]
|
||||
if [ -f "meshcentral-data/${CONFIG_FILE}" ]
|
||||
then
|
||||
node meshcentral/meshcentral
|
||||
node meshcentral/meshcentral --configfile ${CONFIG_FILE}
|
||||
else
|
||||
cp config.json.template meshcentral-data/config.json
|
||||
cp config.json.template meshcentral-data/${CONFIG_FILE}
|
||||
if ! [ -z "$USE_MONGODB" ] && [ "$USE_MONGODB" == "true" ]; then
|
||||
sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/${CONFIG_FILE}
|
||||
fi
|
||||
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": \"$LOCALSESSIONRECORDING\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/${CONFIG_FILE}
|
||||
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": $ALLOW_NEW_ACCOUNTS/" meshcentral-data/${CONFIG_FILE}
|
||||
sed -i "s/\"enabled\": false/\"enabled\": $ALLOWPLUGINS/" meshcentral-data/${CONFIG_FILE}
|
||||
sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": $LOCALSESSIONRECORDING/" meshcentral-data/${CONFIG_FILE}
|
||||
sed -i "s/\"minify\": true/\"minify\": $MINIFY/" meshcentral-data/${CONFIG_FILE}
|
||||
sed -i "s/\"WebRTC\": false/\"WebRTC\": $WEBRTC/" meshcentral-data/${CONFIG_FILE}
|
||||
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": $IFRAME/" meshcentral-data/${CONFIG_FILE}
|
||||
if [ -z "$SESSION_KEY" ]; then
|
||||
SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Za-z0-9!#$%&()*+,-./:;<=>?@[\]^_`{|}~' | fold -w 32 | head -n 1)";
|
||||
fi
|
||||
sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/${CONFIG_FILE}
|
||||
if [ "$REVERSE_PROXY" != "false" ]; then
|
||||
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
|
||||
node meshcentral/meshcentral
|
||||
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/${CONFIG_FILE}
|
||||
node meshcentral/meshcentral --configfile ${CONFIG_FILE}
|
||||
exit
|
||||
fi
|
||||
node meshcentral/meshcentral --cert "$HOSTNAME"
|
||||
fi
|
||||
node meshcentral/meshcentral --configfile ${CONFIG_FILE} --cert "$HOSTNAME"
|
||||
fi
|
||||
|
Loading…
x
Reference in New Issue
Block a user