diff --git a/.docker/app/Dockerfile b/.docker/app/Dockerfile index 902a49c30..d5d5c32a7 100644 --- a/.docker/app/Dockerfile +++ b/.docker/app/Dockerfile @@ -47,6 +47,7 @@ ARG CI_COMMIT_SHA ENV CI_COMMIT_SHA=${CI_COMMIT_SHA} ADD .docker/app/startup.sh ${SCRIPT_ROOT} +ADD .docker/app/update.sh ${SCRIPT_ROOT} ADD .docker/app/updater.sh ${SCRIPT_ROOT} ADD .docker/app/dcron.sh ${SCRIPT_ROOT} ADD .docker/app/backup.sh /etc/periodic/weekly/backup diff --git a/.docker/app/startup.sh b/.docker/app/startup.sh index 767ea786e..dbe6331b9 100644 --- a/.docker/app/startup.sh +++ b/.docker/app/startup.sh @@ -1,5 +1,9 @@ #!/bin/sh -e +# +# this script initializes the working copy on a persistent volume and starts PHP FPM +# +# TODO this should do a reasonable amount of attempts and terminate with an error while ! pg_isready -h $TTRSS_DB_HOST -U $TTRSS_DB_USER -p $TTRSS_DB_PORT; do echo waiting until $TTRSS_DB_HOST is ready... sleep 3 @@ -61,6 +65,7 @@ done # - fatal error: could not open certificate file "/root/.postgresql/postgresql.crt": Permission denied chown -R app:app /root # /.postgresql +# TODO chown -R app:app should be enough (?) for d in cache lock feed-icons; do chmod 777 $DST_DIR/$d find $DST_DIR/$d -type f -exec chmod 666 {} \; diff --git a/.docker/app/update.sh b/.docker/app/update.sh new file mode 100644 index 000000000..366b600a0 --- /dev/null +++ b/.docker/app/update.sh @@ -0,0 +1,86 @@ +#!/bin/sh -e +# +# this script kickstarts a minimal working environment and runs update.php, could be used as an entrypoint for a cronjob +# which doesn't share a volume with FPM/updater +# + +# We don't need those here (HTTP_HOST would cause false SELF_URL_PATH check failures) +unset HTTP_PORT +unset HTTP_HOST + +if ! id app >/dev/null 2>&1; then + addgroup -g $OWNER_GID app + adduser -D -h $APP_INSTALL_BASE_DIR -G app -u $OWNER_UID app +fi + +update-ca-certificates || true + +DST_DIR=$APP_INSTALL_BASE_DIR/tt-rss + +if [ -z $SKIP_RSYNC_ON_STARTUP ]; then + if [ ! -d $DST_DIR ]; then + mkdir -p $DST_DIR + chown $OWNER_UID:$OWNER_GID $DST_DIR + + sudo -u app rsync -a --no-owner \ + $SRC_DIR/ $DST_DIR/ + else + chown -R $OWNER_UID:$OWNER_GID $DST_DIR + + sudo -u app rsync -a --no-owner --delete \ + --exclude /cache \ + --exclude /lock \ + --exclude /feed-icons \ + --exclude /plugins/af_comics/filters.local \ + --exclude /plugins.local \ + --exclude /templates.local \ + --exclude /themes.local \ + $SRC_DIR/ $DST_DIR/ + + sudo -u app rsync -a --no-owner --delete \ + $SRC_DIR/plugins.local/nginx_xaccel \ + $DST_DIR/plugins.local/nginx_xaccel + fi +else + echo "warning: working copy in $DST_DIR won't be updated, make sure you know what you're doing." +fi + +for d in cache lock feed-icons plugins.local themes.local templates.local cache/export cache/feeds cache/images cache/upload; do + sudo -u app mkdir -p $DST_DIR/$d +done + +# this is some next level bullshit +# - https://stackoverflow.com/questions/65622914/why-would-i-get-a-php-pdoexception-complaining-that-it-cant-make-a-postgres-con +# - fatal error: could not open certificate file "/root/.postgresql/postgresql.crt": Permission denied +chown -R app:app /root # /.postgresql + +for d in cache lock feed-icons; do + chmod 777 $DST_DIR/$d + find $DST_DIR/$d -type f -exec chmod 666 {} \; +done + +sudo -u app cp ${SCRIPT_ROOT}/config.docker.php $DST_DIR/config.php +chmod 644 $DST_DIR/config.php + +if [ ! -z "${TTRSS_XDEBUG_ENABLED}" ]; then + if [ -z "${TTRSS_XDEBUG_HOST}" ]; then + export TTRSS_XDEBUG_HOST=$(ip ro sh 0/0 | cut -d " " -f 3) + fi + echo enabling xdebug with the following parameters: + env | grep TTRSS_XDEBUG + cat > /etc/php${PHP_SUFFIX}/conf.d/50_xdebug.ini <