docs

README.md

@@ -234,7 +234,7 @@ default.yaml file define variables that can be used at any time in the container
 
 ##### default.yaml.startup
 default.yaml.startup define variables that are only available during the container **first start** in **startup files**.
-*\*.yaml.startup* are deleted right after startup files are processed for the first time,
+\*.yaml.startup are deleted right after startup files are processed for the first time,
 then all variables they contains will not be available in the container environment.
 
 This helps to keep the container configuration secret. If you don't care all environment variables can be defined in **default.yaml** and everything will work fine.
@@ -573,8 +573,10 @@ Here simple Dockerfile example how to add a service-available to an image:
        FROM osixia/ubuntu-light-baseimage:0.1.4
        MAINTAINER Your Name <[email protected]>
 
-        # Add cfssl and cron service-available and get nginx and php5-fpm.
-        # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-multiple-process-stack
+        # Add cfssl and cron service-available
+        # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-service-available
+        # https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:cfssl/download.sh
+        # https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:cron/download.sh
         RUN apt-get -y update \
             && /container/tool/add-service-available :cfssl :cron \
             && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
@@ -606,7 +608,7 @@ What it does:
 
 *Run tool* takes several options, to list them:
 
-    docker run osixia/light-baseimage:0.2.1 --help
+    docker run osixia/ubuntu-light-baseimage:0.2.1 --help
     usage: run [-h] [-e] [-s] [-p] [-k] [-c]
                [-l {none,error,warning,info,debug,trace}]
                [MAIN_COMMAND [MAIN_COMMAND ...]]
@@ -688,7 +690,7 @@ If a main command is set for example:
 If a main command is set *run tool* launch it otherwise bash is launched.
 Example:
 
-    docker run -it osixia/light-baseimage:0.2.1
+    docker run -it osixia/ubuntu-light-baseimage:0.2.1
 
 
 ##### Extra environment variables
@@ -749,9 +751,9 @@ will produce this bash environment variables:
 
 complex-bash-env make it easy to iterate trough this variable:
 
-      for fruit in $(complex-bash-env iterate "${FRUITS}")
+      for fruit in $(complex-bash-env iterate FRUITS)
       do
-        echo $fruit
+        echo ${!fruit}
       done
 
 A more complete example can be found [osixia/phpLDAPadmin](https://github.com/osixia/docker-phpLDAPadmin) image.
@@ -764,8 +766,8 @@ Note this yaml definition:
 
 Can also be set by command line converted in python or json:
 
-    docker run -it --env FRUITS="#PYTHON2BASH:['orange','apple']" osixia/light-baseimage:0.2.1 printenv
-    docker run -it --env FRUITS="#JSON2BASH:[\"orange\",\"apple\"]" osixia/light-baseimage:0.2.1 printenv
+    docker run -it --env FRUITS="#PYTHON2BASH:['orange','apple']" osixia/ubuntu-light-baseimage:0.2.1 printenv
+    docker run -it --env FRUITS="#JSON2BASH:[\"orange\",\"apple\"]" osixia/ubuntu-light-baseimage:0.2.1 printenv
 
 ### Tests
 

image/build.sh.orig

@@ -0,0 +1,85 @@
+#!/bin/bash -ex
+
+## Add bash tools to /sbin
+ln -s /container/tool/* /sbin/
+
+mkdir -p /container/service
+mkdir -p /container/environment /container/environment/startup
+chmod 700 /container/environment/ /container/environment/startup
+
+groupadd -g 8377 docker_env
+
+# dpkg options
+cp /container/file/dpkg_nodoc /etc/dpkg/dpkg.cfg.d/01_nodoc
+cp /container/file/dpkg_nolocales /etc/dpkg/dpkg.cfg.d/01_nolocales
+
+# General config
+export LC_ALL=C
+export DEBIAN_FRONTEND=noninteractive
+MINIMAL_APT_GET_INSTALL='apt-get install -y --no-install-recommends'
+
+## Temporarily disable dpkg fsync to make building faster.
+if [[ ! -e /etc/dpkg/dpkg.cfg.d/docker-apt-speedup ]]; then
+	echo force-unsafe-io > /etc/dpkg/dpkg.cfg.d/docker-apt-speedup
+fi
+
+## Prevent initramfs updates from trying to run grub and lilo.
+## https://journal.paul.querna.org/articles/2013/10/15/docker-ubuntu-on-rackspace/
+## http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594189
+export INITRD=no
+echo -n no > /container/environment/INITRD
+
+## Enable Ubuntu Universe and Multiverse.
+sed -i 's/^#\s*\(deb.*universe\)$/\1/g' /etc/apt/sources.list
+sed -i 's/^#\s*\(deb.*multiverse\)$/\1/g' /etc/apt/sources.list
+apt-get update
+
+## Fix some issues with APT packages.
+## See https://github.com/dotcloud/docker/issues/1024
+dpkg-divert --local --rename --add /sbin/initctl
+ln -sf /bin/true /sbin/initctl
+
+## Replace the 'ischroot' tool to make it always return true.
+## Prevent initscripts updates from breaking /dev/shm.
+## https://journal.paul.querna.org/articles/2013/10/15/docker-ubuntu-on-rackspace/
+## https://bugs.launchpad.net/launchpad/+bug/974584
+dpkg-divert --local --rename --add /usr/bin/ischroot
+ln -sf /bin/true /usr/bin/ischroot
+
+<<<<<<< HEAD
+## Install HTTPS support for APT.
+$minimal_apt_get_install apt-transport-https ca-certificates
+
+## Install add-apt-repository
+$minimal_apt_get_install software-properties-common
+=======
+## Install apt-utils.
+$MINIMAL_APT_GET_INSTALL apt-utils python locales
+>>>>>>> stable
+
+## Upgrade all packages.
+apt-get dist-upgrade -y --no-install-recommends
+
+# fix locale
+$minimal_apt_get_install language-pack-en
+locale-gen en_US
+update-locale LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8
+
+echo -n C.UTF-8 > /container/environment/LANG
+echo -n C.UTF-8 > /container/environment/LANGUAGE
+echo -n C.UTF-8 > /container/environment/LC_CTYPE
+
+# install PyYAML
+tar -C /container/file/ -xvf /container/file/PyYAML-3.11.tar.gz
+cd /container/file/PyYAML-3.11/
+python3 setup.py install
+cd -
+
+apt-get clean
+rm -rf /tmp/* /var/tmp/*
+rm -rf /var/lib/apt/lists/*
+rm -f /etc/dpkg/dpkg.cfg.d/02apt-speedup
+
+# Remove useless files
+rm -rf /container/file
+rm -rf /container/build.sh /container/Dockerfile

image/service-available/:cfssl/assets/tool/cfssl-helper

@@ -40,7 +40,6 @@ if [ ! -e "$CERT_FILE" ] && [ ! -e "$KEY_FILE" ]; then
   esac
 
   # set env vars
-  PREFIX=$1
   PREFIX=${PREFIX^^} # uppercase
 
   # search for prefixed env var first
@@ -137,7 +136,7 @@ if [ ! -e "$CERT_FILE" ] && [ ! -e "$KEY_FILE" ]; then
     CONFIG_PARAM="-config $CONFIG_FILE"
 
     elif [ -n "$CFSSL_CONFIG" ]; then
-      echo "use $CFSSL_CONFIG as config file"
+      log-helper debug "use $CFSSL_CONFIG as config file"
       cp -f $CFSSL_CONFIG $CONFIG_FILE
       CONFIG_PARAM="-config $CONFIG_FILE"
   fi
@@ -176,7 +175,14 @@ if [ ! -e "$CERT_FILE" ] && [ ! -e "$KEY_FILE" ]; then
   fi
   log-helper debug "done :)"
 
+elif [ ! -e "$KEY_FILE" ]; then
+  log-helper error "Certificate file $CERT_FILE exists but not key file $KEY_FILE"
+  exit 1
+elif [ ! -e "$CERT_FILE" ]; then
+  log-helper error "Key file $KEY_FILE exists but not certificate file $CERT_FILE"
+  exit 1
 else
-  log-helper info "Files $CERT_FILE or $KEY_FILE already exists,"
-  log-helper info "do nothing."
+  log-helper debug "Files $CERT_FILE and $KEY_FILE exists, fix files permissions"
+  chmod 644 $CERT_FILE
+  chmod 600 $KEY_FILE
 fi

image/service-available/:cfssl/download.sh

@@ -1,30 +1,30 @@
 #!/bin/bash -e
 
 # download curl and ca-certificate from apt-get if needed
-TO_INSTALL=""
+to_install=""
 
 if [ $(dpkg-query -W -f='${Status}' curl 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
-  TO_INSTALL="curl"
+  to_install="curl"
 fi
 
 if [ $(dpkg-query -W -f='${Status}' ca-certificates 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
-  TO_INSTALL="$TO_INSTALL ca-certificates"
+  to_install="$to_install ca-certificates"
 fi
 
-if [ -n "$TO_INSTALL" ]; then
-  LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $TO_INSTALL
+if [ -n "$to_install" ]; then
+  LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $to_install
 fi
 
 # download libltdl-dev from apt-get
 LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends libltdl-dev
 
-curl -o /usr/sbin/cfssl -SL https://pkg.cfssl.org/R1.1/cfssl_linux-amd64
+curl -o /usr/sbin/cfssl -SL https://github.com/osixia/cfssl/raw/master/bin/cfssl
 chmod 700 /usr/sbin/cfssl
 
-curl -o /usr/sbin/cfssljson -SL https://pkg.cfssl.org/R1.1/cfssljson_linux-amd64
+curl -o /usr/sbin/cfssljson -SL https://github.com/osixia/cfssl/raw/master/bin/cfssljson
 chmod 700 /usr/sbin/cfssljson
 
 # remove tools installed to download cfssl
-if [ -n "$TO_INSTALL" ]; then
-  apt-get remove -y --purge --auto-remove $TO_INSTALL
+if [ -n "$to_install" ]; then
+  apt-get remove -y --purge --auto-remove $to_install
 fi

image/service-available/:cfssl/startup.sh

@@ -1,13 +1,5 @@
 #!/bin/bash -e
 log-helper level eq trace && set -x
 
-FIRST_START_DONE="${CONTAINER_STATE_DIR}/cfssl-first-start-done"
-
-# container first start
-if [ ! -e "$FIRST_START_DONE" ]; then
-
-  chmod 700 ${CONTAINER_SERVICE_DIR}/:cfssl/assets/tool/*
-  ln -s ${CONTAINER_SERVICE_DIR}/:cfssl/assets/tool/* /usr/sbin
-
-  touch $FIRST_START_DONE
-fi
+chmod 700 ${CONTAINER_SERVICE_DIR}/:cfssl/assets/tool/*
+ln -sf ${CONTAINER_SERVICE_DIR}/:cfssl/assets/tool/* /usr/sbin

image/service-available/:logrotate/startup.sh

@@ -1,12 +1,4 @@
 #!/bin/bash -e
 log-helper level eq trace && set -x
 
-FIRST_START_DONE="${CONTAINER_STATE_DIR}/logrotate-first-start-done"
-
-# container first start
-if [ ! -e "$FIRST_START_DONE" ]; then
-
-  ln -s ${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/logrotate_syslogng /etc/logrotate.d/syslog-ng
-
-  touch $FIRST_START_DONE
-fi
+ln -sf ${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/logrotate_syslogng /etc/logrotate.d/syslog-ng

image/service-available/:syslog-ng-core/startup.sh

@@ -1,17 +1,9 @@
 #!/bin/bash -e
 log-helper level eq trace && set -x
 
-FIRST_START_DONE="${CONTAINER_STATE_DIR}/syslog-ng-first-start-done"
+ln -sf ${CONTAINER_SERVICE_DIR}/:syslog-ng-core/assets/config/syslog_ng_default /etc/default/syslog-ng
+ln -sf ${CONTAINER_SERVICE_DIR}/:syslog-ng-core/assets/config/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
 
-# container first start
-if [ ! -e "$FIRST_START_DONE" ]; then
-
-  ln -s ${CONTAINER_SERVICE_DIR}/:syslog-ng-core/assets/config/syslog_ng_default /etc/default/syslog-ng
-  ln -s ${CONTAINER_SERVICE_DIR}/:syslog-ng-core/assets/config/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
-
-  ## Install syslog to "docker logs" forwarder.
-  mkdir /container/run/process/syslog-forwarder
-  ln -s ${CONTAINER_SERVICE_DIR}/:syslog-ng-core/process-syslog-forwarder.sh /container/run/process/syslog-forwarder/run
-
-  touch $FIRST_START_DONE
-fi
+## Install syslog to "docker logs" forwarder.
+[ -d /container/run/process/:syslog-forwarder ] || mkdir -p /container/run/process/:syslog-forwarder
+ln -sf ${CONTAINER_SERVICE_DIR}/:syslog-ng-core/process-syslog-forwarder.sh /container/run/process/:syslog-forwarder/run

image/tool/add-service-available

@@ -3,24 +3,28 @@
 # Usage :
 # RUN /container/tool/add-service-available [service1] [service2] ...
 
+SERVICE_DIR="/container/service"
+SERVICE_AVAILABLE_DIR="/container/service-available"
+DOWNLOAD_FILENAME="download.sh"
+
 for i in $@
 do
 
   echo "add-service-available: $i"
-  if  [ -d "/container/service-available/$i" ]; then
+  if  [ -d "${SERVICE_AVAILABLE_DIR}/$i" ]; then
 
-    if [ -f /container/service-available/$i/download.sh ]; then
-      echo "run /container/service-available/$i/download.sh"
-      /container/service-available/$i/download.sh
-      echo "remove /container/service-available/$i/download.sh"
-      rm -f /container/service-available/$i/download.sh
+    if [ -f ${SERVICE_AVAILABLE_DIR}/$i/${DOWNLOAD_FILENAME} ]; then
+      echo "run ${SERVICE_AVAILABLE_DIR}/$i/${DOWNLOAD_FILENAME}"
+      ${SERVICE_AVAILABLE_DIR}/$i/${DOWNLOAD_FILENAME}
+      echo "remove ${SERVICE_AVAILABLE_DIR}/$i/${DOWNLOAD_FILENAME}"
+      rm -f ${SERVICE_AVAILABLE_DIR}/$i/${DOWNLOAD_FILENAME}
     fi
 
-    echo "move /container/service-available/$i to /container/service/$i"
-    mv /container/service-available/$i /container/service/$i
+    echo "move ${SERVICE_AVAILABLE_DIR}/$i to ${SERVICE_DIR}/$i"
+    mv ${SERVICE_AVAILABLE_DIR}/$i ${SERVICE_DIR}/$i
 
   else
-    echo "service-available: $i not found in /container/service-available/$i"
+    echo "service-available: $i not found in ${SERVICE_AVAILABLE_DIR}/$i"
     exit 1
   fi
 done