diff --git a/docker/Dockerfile b/docker/Dockerfile index d1f2e827..f14f915b 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -58,6 +58,7 @@ ENV CONFIG_FILE="config.json" ENV USE_MONGODB="false" ENV MONGO_INITDB_ROOT_USERNAME="root" ENV MONGO_INITDB_ROOT_PASSWORD="pass" +ENV MONGO_URL="" ENV HOSTNAME="localhost" ENV ALLOW_NEW_ACCOUNTS="true" ENV ALLOWPLUGINS="false" diff --git a/docker/readme.md b/docker/readme.md index 63ee201e..48cf1e78 100644 --- a/docker/readme.md +++ b/docker/readme.md @@ -13,11 +13,15 @@ # Templates ## .env +You can place the `config.json` file directly under `./meshcentral/data/`, or use the following `.env` file instead. ```ini NODE_ENV=production -# initial mongodb-variables +USE_MONGODB=false +# set already exist mongo connection string url here +MONGO_URL= +# or set following init params for new mongodb, use it with docker-compose file with mongodb version MONGO_INITDB_ROOT_USERNAME=mongodbadmin MONGO_INITDB_ROOT_PASSWORD=mongodbpasswd @@ -26,8 +30,7 @@ MONGO_INITDB_ROOT_PASSWORD=mongodbpasswd # your hostname HOSTNAME=my.domain.com -USE_MONGODB=false -# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy +# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy REVERSE_PROXY=false REVERSE_PROXY_TLS_PORT= # set to true if you wish to enable iframe support diff --git a/docker/startup.sh b/docker/startup.sh index 4333f45f..4d29b877 100644 --- a/docker/startup.sh +++ b/docker/startup.sh @@ -1,28 +1,34 @@ #!/bin/bash -if [ -f "meshcentral-data/${CONFIG_FILE}" ] - then - node meshcentral/meshcentral --configfile ${CONFIG_FILE} - else - cp config.json.template meshcentral-data/${CONFIG_FILE} - if ! [ -z "$USE_MONGODB" ] && [ "$USE_MONGODB" == "true" ]; then - sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/${CONFIG_FILE} +if [ -f "meshcentral-data/${CONFIG_FILE}" ]; then + node meshcentral/meshcentral --configfile "${CONFIG_FILE}" +else + cp config.json.template meshcentral-data/"${CONFIG_FILE}" + if [ -n "$USE_MONGODB" ] && [ "$USE_MONGODB" == "true" ]; then + if [ -z "$MONGO_URL" ]; then + prefix="" + if [ -n "$MONGO_INITDB_ROOT_USERNAME" ] && [ -n "$MONGO_INITDB_ROOT_PASSWORD" ]; then + prefix="$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@" + fi + MONGO_URL="${prefix}mongodb:27017" fi - sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/${CONFIG_FILE} - sed -i "s/\"NewAccounts\": true/\"NewAccounts\": $ALLOW_NEW_ACCOUNTS/" meshcentral-data/${CONFIG_FILE} - sed -i "s/\"enabled\": false/\"enabled\": $ALLOWPLUGINS/" meshcentral-data/${CONFIG_FILE} - sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": $LOCALSESSIONRECORDING/" meshcentral-data/${CONFIG_FILE} - sed -i "s/\"minify\": true/\"minify\": $MINIFY/" meshcentral-data/${CONFIG_FILE} - sed -i "s/\"WebRTC\": false/\"WebRTC\": $WEBRTC/" meshcentral-data/${CONFIG_FILE} - sed -i "s/\"AllowFraming\": false/\"AllowFraming\": $IFRAME/" meshcentral-data/${CONFIG_FILE} - if [ -z "$SESSION_KEY" ]; then - SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Za-z0-9!#$%&()*+,-./:;<=>?@[\]^_`{|}~' | fold -w 32 | head -n 1)"; - fi - sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/${CONFIG_FILE} - if [ "$REVERSE_PROXY" != "false" ]; then - sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/${CONFIG_FILE} - node meshcentral/meshcentral --configfile ${CONFIG_FILE} - exit - fi - node meshcentral/meshcentral --configfile ${CONFIG_FILE} --cert "$HOSTNAME" + sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_URL\"/" meshcentral-data/"${CONFIG_FILE}" + fi + sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/"${CONFIG_FILE}" + sed -i "s/\"NewAccounts\": true/\"NewAccounts\": $ALLOW_NEW_ACCOUNTS/" meshcentral-data/"${CONFIG_FILE}" + sed -i "s/\"enabled\": false/\"enabled\": $ALLOWPLUGINS/" meshcentral-data/"${CONFIG_FILE}" + sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": $LOCALSESSIONRECORDING/" meshcentral-data/"${CONFIG_FILE}" + sed -i "s/\"minify\": true/\"minify\": $MINIFY/" meshcentral-data/"${CONFIG_FILE}" + sed -i "s/\"WebRTC\": false/\"WebRTC\": $WEBRTC/" meshcentral-data/"${CONFIG_FILE}" + sed -i "s/\"AllowFraming\": false/\"AllowFraming\": $IFRAME/" meshcentral-data/"${CONFIG_FILE}" + if [ -z "$SESSION_KEY" ]; then + SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Za-z0-9!#$%&()*+,-./:;<=>?@[\]^_`{|}~' | fold -w 32 | head -n 1)" + fi + sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/"${CONFIG_FILE}" + if [ "$REVERSE_PROXY" != "false" ]; then + sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/"${CONFIG_FILE}" + node meshcentral/meshcentral --configfile "${CONFIG_FILE}" + exit + fi + node meshcentral/meshcentral --configfile "${CONFIG_FILE}" --cert "$HOSTNAME" fi