public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

2.8.6-debian-11-r1 release

This commit is contained in:
Bitnami Bot 2022-07-19 10:20:04 +00:00
parent f0ad61dab7
commit a40cbbe8e1
37 changed files with 4885 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
containers/discourse/2/debian-11/Dockerfile Normal file
View File

@ -0,0 +1,35 @@
FROM docker.io/bitnami/minideb:bullseye
ENV HOME="/" \
OS_ARCH="amd64" \
OS_FLAVOUR="debian-11" \
OS_NAME="linux"
COPY prebuildfs /
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install required system packages and dependencies
RUN install_packages acl advancecomp ca-certificates curl file gifsicle gzip hostname imagemagick jhead jpegoptim libbrotli1 libbsd0 libbz2-1.0 libc6 libcom-err2 libcrypt1 libcurl4 libedit2 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg-turbo-progs libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblzma5 libmd0 libncursesw6 libnettle8 libnghttp2-14 libnsl2 libp11-kit0 libpq5 libpsl5 libreadline-dev libreadline8 librtmp1 libsasl2-2 libsqlite3-0 libssh2-1 libssl-dev libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 optipng pngcrush pngquant procps rsync sqlite3 tar zlib1g
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "python" "3.8.13-153" --checksum c33962b71ef103d071804f57720a34bada903c9a9bec1fbeddf57e97a5bd6279
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "gosu" "1.14.0-152" --checksum 0c751c7e2ec0bc900a19dbec0306d6294fe744ddfb0fa64197ba1a36040092f0
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "wait-for-port" "1.0.3-152" --checksum 0694ae67645c416d9f6875e90c0f7cef379b4ac8030a6a5b8b5cc9ca77c6975d
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "ruby" "2.7.6-151" --checksum 842a1467306f1acb0648a972252150435af822938dc2e4c26063a26e8b2fcf88
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "postgresql-client" "13.7.0-151" --checksum d31563d3fc5c6ed578d11e32e6a6a43401a8a3a87aea000af8e0a1ba38c5a1f3
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "node" "14.20.0-1" --checksum 1308eadfadd439cc82f4ca51185828f49cac7b38fcafd783e24f52c7c2768b4b
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "git" "2.37.1-1" --checksum 39ea3040baa552b4760c1100a3713f86493620c0a74121c1ceba50fe17341878
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "brotli" "1.0.9-151" --checksum ba4c4d26d232f8d91d1143078a633ba7c5ae33f5c4182684400ffb7bbc0ed262
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "discourse" "2.8.6-1" --checksum 311191ac01dc5c48a2f802e3073bbd8f76b0834c35e583143b9cb47df4e9e997
RUN apt-get update && apt-get upgrade -y && \
rm -r /var/lib/apt/lists /var/cache/apt/archives
RUN chmod g+rwX /opt/bitnami
RUN /opt/bitnami/ruby/bin/gem install --force bundler -v '< 2'
COPY rootfs /
RUN /opt/bitnami/scripts/discourse/postunpack.sh
ENV APP_VERSION="2.8.6" \
BITNAMI_APP_NAME="discourse" \
PATH="/opt/bitnami/python/bin:/opt/bitnami/common/bin:/opt/bitnami/ruby/bin:/opt/bitnami/postgresql/bin:/opt/bitnami/node/bin:/opt/bitnami/git/bin:/opt/bitnami/brotli/bin:$PATH"
EXPOSE 3000
USER root
ENTRYPOINT [ "/opt/bitnami/scripts/discourse/entrypoint.sh" ]
CMD [ "/opt/bitnami/scripts/discourse/run.sh" ]

66
containers/discourse/2/debian-11/docker-compose.yml Normal file
View File

@ -0,0 +1,66 @@
version: '2'
services:
postgresql:
image: docker.io/bitnami/postgresql:11
volumes:
- 'postgresql_data:/bitnami/postgresql'
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- POSTGRESQL_USERNAME=bn_discourse
- POSTGRESQL_DATABASE=bitnami_discourse
redis:
image: docker.io/bitnami/redis:7.0
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
volumes:
- 'redis_data:/bitnami/redis'
discourse:
image: docker.io/bitnami/discourse:2
ports:
- '80:3000'
volumes:
- 'discourse_data:/bitnami/discourse'
depends_on:
- postgresql
- redis
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- DISCOURSE_HOST=www.example.com
- DISCOURSE_DATABASE_HOST=postgresql
- DISCOURSE_DATABASE_PORT_NUMBER=5432
- DISCOURSE_DATABASE_USER=bn_discourse
- DISCOURSE_DATABASE_NAME=bitnami_discourse
- DISCOURSE_REDIS_HOST=redis
- DISCOURSE_REDIS_PORT_NUMBER=6379
- POSTGRESQL_CLIENT_POSTGRES_USER=postgres
- POSTGRESQL_CLIENT_CREATE_DATABASE_NAME=bitnami_discourse
- POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS=hstore,pg_trgm
sidekiq:
image: docker.io/bitnami/discourse:2
depends_on:
- discourse
volumes:
- 'sidekiq_data:/bitnami/discourse'
command: /opt/bitnami/scripts/discourse-sidekiq/run.sh
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- DISCOURSE_HOST=www.example.com
- DISCOURSE_DATABASE_HOST=postgresql
- DISCOURSE_DATABASE_PORT_NUMBER=5432
- DISCOURSE_DATABASE_USER=bn_discourse
- DISCOURSE_DATABASE_NAME=bitnami_discourse
- DISCOURSE_REDIS_HOST=redis
- DISCOURSE_REDIS_PORT_NUMBER=6379
volumes:
postgresql_data:
driver: local
redis_data:
driver: local
discourse_data:
driver: local
sidekiq_data:
driver: local

65
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json Normal file
View File

@ -0,0 +1,65 @@
{
"brotli": {
"arch": "amd64",
"digest": "ba4c4d26d232f8d91d1143078a633ba7c5ae33f5c4182684400ffb7bbc0ed262",
"distro": "debian-11",
"type": "NAMI",
"version": "1.0.9-151"
},
"discourse": {
"arch": "amd64",
"digest": "311191ac01dc5c48a2f802e3073bbd8f76b0834c35e583143b9cb47df4e9e997",
"distro": "debian-11",
"type": "NAMI",
"version": "2.8.6-1"
},
"git": {
"arch": "amd64",
"digest": "39ea3040baa552b4760c1100a3713f86493620c0a74121c1ceba50fe17341878",
"distro": "debian-11",
"type": "NAMI",
"version": "2.37.1-1"
},
"gosu": {
"arch": "amd64",
"digest": "0c751c7e2ec0bc900a19dbec0306d6294fe744ddfb0fa64197ba1a36040092f0",
"distro": "debian-11",
"type": "NAMI",
"version": "1.14.0-152"
},
"node": {
"arch": "amd64",
"digest": "1308eadfadd439cc82f4ca51185828f49cac7b38fcafd783e24f52c7c2768b4b",
"distro": "debian-11",
"type": "NAMI",
"version": "14.20.0-1"
},
"postgresql-client": {
"arch": "amd64",
"digest": "d31563d3fc5c6ed578d11e32e6a6a43401a8a3a87aea000af8e0a1ba38c5a1f3",
"distro": "debian-11",
"type": "NAMI",
"version": "13.7.0-151"
},
"python": {
"arch": "amd64",
"digest": "c33962b71ef103d071804f57720a34bada903c9a9bec1fbeddf57e97a5bd6279",
"distro": "debian-11",
"type": "NAMI",
"version": "3.8.13-153"
},
"ruby": {
"arch": "amd64",
"digest": "842a1467306f1acb0648a972252150435af822938dc2e4c26063a26e8b2fcf88",
"distro": "debian-11",
"type": "NAMI",
"version": "2.7.6-151"
},
"wait-for-port": {
"arch": "amd64",
"digest": "0694ae67645c416d9f6875e90c0f7cef379b4ac8030a6a5b8b5cc9ca77c6975d",
"distro": "debian-11",
"type": "NAMI",
"version": "1.0.3-152"
}
}

3
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt Normal file
View File

@ -0,0 +1,3 @@
Bitnami containers ship with software bundles. You can find the licenses under:
/opt/bitnami/nami/COPYING
/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt

51
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh Normal file
View File

@ -0,0 +1,51 @@
#!/bin/bash
#
# Bitnami custom library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Constants
BOLD='\033[1m'
# Functions
########################
# Print the welcome page
# Globals:
# DISABLE_WELCOME_MESSAGE
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_welcome_page() {
if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then
if [[ -n "$BITNAMI_APP_NAME" ]]; then
print_image_welcome_page
fi
fi
}
########################
# Print the welcome page for a Bitnami Docker image
# Globals:
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_image_welcome_page() {
local github_url="https://github.com/bitnami/containers"
log ""
log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}"
log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}"
log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}"
log ""
}

65
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libcomponent.sh Normal file
View File

@ -0,0 +1,65 @@
#!/bin/bash
#
# Library for managing Bitnami components
# Constants
CACHE_ROOT="/tmp/bitnami/pkg/cache"
DOWNLOAD_URL="https://downloads.bitnami.com/files/stacksmith"
# Functions
########################
# Download and unpack a Bitnami package
# Globals:
# OS_NAME
# OS_ARCH
# OS_FLAVOUR
# Arguments:
# $1 - component's name
# $2 - component's version
# Returns:
# None
#########################
component_unpack() {
local name="${1:?name is required}"
local version="${2:?version is required}"
local base_name="${name}-${version}-${OS_NAME}-${OS_ARCH}-${OS_FLAVOUR}"
local package_sha256=""
local directory="/opt/bitnami"
# Validate arguments
shift 2
while [ "$#" -gt 0 ]; do
case "$1" in
-c|--checksum)
shift
package_sha256="${1:?missing package checksum}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
echo "Downloading $base_name package"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz" ]; then
echo "${CACHE_ROOT}/${base_name}.tar.gz already exists, skipping download."
cp "${CACHE_ROOT}/${base_name}.tar.gz" .
rm "${CACHE_ROOT}/${base_name}.tar.gz"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz.sha256" ]; then
echo "Using the local sha256 from ${CACHE_ROOT}/${base_name}.tar.gz.sha256"
package_sha256="$(< "${CACHE_ROOT}/${base_name}.tar.gz.sha256")"
rm "${CACHE_ROOT}/${base_name}.tar.gz.sha256"
fi
else
curl --remote-name --silent --show-error --fail "${DOWNLOAD_URL}/${base_name}.tar.gz"
fi
if [ -n "$package_sha256" ]; then
echo "Verifying package integrity"
echo "$package_sha256 ${base_name}.tar.gz" | sha256sum --check - || return "$?"
fi
tar --directory "${directory}" --extract --gunzip --file "${base_name}.tar.gz" --no-same-owner --strip-components=2 || return "$?"
rm "${base_name}.tar.gz"
}

139
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh Normal file
View File

@ -0,0 +1,139 @@
#!/bin/bash
#
# Library for managing files
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libos.sh
# Functions
########################
# Replace a regex-matching string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# $4 - use POSIX regex. Default: true
# Returns:
# None
#########################
replace_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local posix_regex=${4:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
if [[ $posix_regex = true ]]; then
result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
else
result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Replace a regex-matching multiline string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# Returns:
# None
#########################
replace_in_file_multiline() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local result
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")"
echo "$result" > "$filename"
}
########################
# Remove a line in a file based on a regex
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - use POSIX regex. Default: true
# Returns:
# None
#########################
remove_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local posix_regex=${3:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
if [[ $posix_regex = true ]]; then
result="$(sed -E "/$match_regex/d" "$filename")"
else
result="$(sed "/$match_regex/d" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Appends text after the last line matching a pattern
# Arguments:
# $1 - file
# $2 - match regex
# $3 - contents to add
# Returns:
# None
#########################
append_file_after_last_match() {
local file="${1:?missing file}"
local match_regex="${2:?missing pattern}"
local value="${3:?missing value}"
# We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again
result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)"
echo "$result" > "$file"
}
########################
# Wait until certain entry is present in a log file
# Arguments:
# $1 - entry to look for
# $2 - log file
# $3 - max retries. Default: 12
# $4 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
wait_for_log_entry() {
local -r entry="${1:-missing entry}"
local -r log_file="${2:-missing log file}"
local -r retries="${3:-12}"
local -r interval_time="${4:-5}"
local attempt=0
check_log_file_for_entry() {
if ! grep -qE "$entry" "$log_file"; then
debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})"
return 1
fi
}
debug "Checking that ${log_file} log file contains entry \"${entry}\""
if retry_while check_log_file_for_entry "$retries" "$interval_time"; then
debug "Found entry \"${entry}\" in ${log_file}"
true
else
error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries"
debug_execute cat "$log_file"
return 1
fi
}

190
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh Normal file
View File

@ -0,0 +1,190 @@
#!/bin/bash
#
# Library for file system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
# Returns:
# None
#########################
owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
local group="${3:-}"
if [[ -n $group ]]; then
chown "$owner":"$group" "$path"
else
chown "$owner":"$owner" "$path"
fi
}
########################
# Ensure a directory exists and, optionally, is owned by the given user
# Arguments:
# $1 - directory
# $2 - owner
# Returns:
# None
#########################
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner_user="${2:-}"
local owner_group="${3:-}"
mkdir -p "${dir}"
if [[ -n $owner_user ]]; then
owned_by "$dir" "$owner_user" "$owner_group"
fi
}
########################
# Checks whether a directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_dir_empty() {
local -r path="${1:?missing directory}"
# Calculate real path in order to avoid issues with symlinks
local -r dir="$(realpath "$path")"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
########################
# Checks whether a mounted directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_mounted_dir_empty() {
local dir="${1:?missing directory}"
if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then
true
else
false
fi
}
########################
# Checks whether a file can be written to or not
# arguments:
# $1 - file
# returns:
# boolean
#########################
is_file_writable() {
local file="${1:?missing file}"
local dir
dir="$(dirname "$file")"
if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then
true
else
false
fi
}
########################
# Relativize a path
# arguments:
# $1 - path
# $2 - base
# returns:
# None
#########################
relativize() {
local -r path="${1:?missing path}"
local -r base="${2:?missing base}"
pushd "$base" >/dev/null || exit
realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||'
popd >/dev/null || exit
}
########################
# Configure permisions and ownership recursively
# Globals:
# None
# Arguments:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - mode for directories.
# -d|--dir-mode - mode for files.
# -u|--user - user
# -g|--group - group
# Returns:
# None
#########################
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f | --file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d | --dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u | --user)
shift
user="${1:?missing user}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<<"$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
if [[ -n $dir_mode ]]; then
find -L "$p" -type d -exec chmod "$dir_mode" {} \;
fi
if [[ -n $file_mode ]]; then
find -L "$p" -type f -exec chmod "$file_mode" {} \;
fi
if [[ -n $user ]] && [[ -n $group ]]; then
chown -LR "$user":"$group" "$p"
elif [[ -n $user ]] && [[ -z $group ]]; then
chown -LR "$user" "$p"
elif [[ -z $user ]] && [[ -n $group ]]; then
chgrp -LR "$group" "$p"
fi
else
stderr_print "$p does not exist"
fi
done
}

16
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh Normal file
View File

@ -0,0 +1,16 @@
#!/bin/bash
#
# Library to use for scripts expected to be used as Kubernetes lifecycle hooks
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
# Override functions that log to stdout/stderr of the current process, so they print to process 1
for function_to_override in stderr_print debug_execute; do
# Output is sent to output of process 1 and thus end up in the container log
# The hook output in general isn't saved
eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2"
done

112
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh Normal file
View File

@ -0,0 +1,112 @@
#!/bin/bash
#
# Library for logging functions
# Constants
RESET='\033[0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
# Functions
########################
# Print to STDERR
# Arguments:
# Message to print
# Returns:
# None
#########################
stderr_print() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_QUIET:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
printf "%b\\n" "${*}" >&2
fi
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
log() {
stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}"
}
########################
# Log an 'info' message
# Arguments:
# Message to log
# Returns:
# None
#########################
info() {
log "${GREEN}INFO ${RESET} ==> ${*}"
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
warn() {
log "${YELLOW}WARN ${RESET} ==> ${*}"
}
########################
# Log an 'error' message
# Arguments:
# Message to log
# Returns:
# None
#########################
error() {
log "${RED}ERROR${RESET} ==> ${*}"
}
########################
# Log a 'debug' message
# Globals:
# BITNAMI_DEBUG
# Arguments:
# None
# Returns:
# None
#########################
debug() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_DEBUG:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
log "${MAGENTA}DEBUG${RESET} ==> ${*}"
fi
}
########################
# Indent a string
# Arguments:
# $1 - string
# $2 - number of indentation characters (default: 4)
# $3 - indentation character (default: " ")
# Returns:
# None
#########################
indent() {
local string="${1:-}"
local num="${2:?missing num}"
local char="${3:-" "}"
# Build the indentation unit string
local indent_unit=""
for ((i = 0; i < num; i++)); do
indent_unit="${indent_unit}${char}"
done
# shellcheck disable=SC2001
# Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions
echo "$string" | sed "s/^/${indent_unit}/"
}

163
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh Normal file
View File

@ -0,0 +1,163 @@
#!/bin/bash
#
# Library for network functions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Resolve IP address for a host/domain (i.e. DNS lookup)
# Arguments:
# $1 - Hostname to resolve
# $2 - IP address version (v4, v6), leave empty for resolving to any version
# Returns:
# IP
#########################
dns_lookup() {
local host="${1:?host is missing}"
local ip_version="${2:-}"
getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1
}
#########################
# Wait for a hostname and return the IP
# Arguments:
# $1 - hostname
# $2 - number of retries
# $3 - seconds to wait between retries
# Returns:
# - IP address that corresponds to the hostname
#########################
wait_for_dns_lookup() {
local hostname="${1:?hostname is missing}"
local retries="${2:-5}"
local seconds="${3:-1}"
check_host() {
if [[ $(dns_lookup "$hostname") == "" ]]; then
false
else
true
fi
}
# Wait for the host to be ready
retry_while "check_host ${hostname}" "$retries" "$seconds"
dns_lookup "$hostname"
}
########################
# Get machine's IP
# Arguments:
# None
# Returns:
# Machine IP
#########################
get_machine_ip() {
local -a ip_addresses
local hostname
hostname="$(hostname)"
read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)"
if [[ "${#ip_addresses[@]}" -gt 1 ]]; then
warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}"
elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then
error "Could not find any IP address associated to hostname ${hostname}"
exit 1
fi
echo "${ip_addresses[0]}"
}
########################
# Check if the provided argument is a resolved hostname
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_hostname_resolved() {
local -r host="${1:?missing value}"
if [[ -n "$(dns_lookup "$host")" ]]; then
true
else
false
fi
}
########################
# Parse URL
# Globals:
# None
# Arguments:
# $1 - uri - String
# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String
# Returns:
# String
parse_uri() {
local uri="${1:?uri is missing}"
local component="${2:?component is missing}"
# Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with
# additional sub-expressions to split authority into userinfo, host and port
# Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969)
local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?'
# || | ||| | | | | | | | | |
# |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment
# 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #...
# | 4 authority
# 3 //...
local index=0
case "$component" in
scheme)
index=2
;;
authority)
index=4
;;
userinfo)
index=6
;;
host)
index=7
;;
port)
index=9
;;
path)
index=10
;;
query)
index=13
;;
fragment)
index=14
;;
*)
stderr_print "unrecognized component $component"
return 1
;;
esac
[[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}"
}
########################
# Wait for a HTTP connection to succeed
# Globals:
# *
# Arguments:
# $1 - URL to wait for
# $2 - Maximum amount of retries (optional)
# $3 - Time between retries (optional)
# Returns:
# true if the HTTP connection succeeded, false otherwise
#########################
wait_for_http_connection() {
local url="${1:?missing url}"
local retries="${2:-}"
local sleep_time="${3:-}"
if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then
error "Could not connect to ${url}"
return 1
fi
}

466
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh Normal file
View File

@ -0,0 +1,466 @@
#!/bin/bash
#
# Library for operating system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libvalidations.sh
# Functions
########################
# Check if an user exists in the system
# Arguments:
# $1 - user
# Returns:
# Boolean
#########################
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
}
########################
# Check if a group exists in the system
# Arguments:
# $1 - group
# Returns:
# Boolean
#########################
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
########################
# Create a group in the system if it does not exist already
# Arguments:
# $1 - group
# Flags:
# -i|--gid - the ID for the new group
# -s|--system - Whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_group_exists() {
local group="${1:?group is missing}"
local gid=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --gid)
shift
gid="${1:?missing gid}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! group_exists "$group"; then
local -a args=("$group")
if [[ -n "$gid" ]]; then
if group_exists "$gid"; then
error "The GID $gid is already in use." >&2
return 1
fi
args+=("--gid" "$gid")
fi
$is_system_user && args+=("--system")
groupadd "${args[@]}" >/dev/null 2>&1
fi
}
########################
# Create an user in the system if it does not exist already
# Arguments:
# $1 - user
# Flags:
# -i|--uid - the ID for the new user
# -g|--group - the group the new user should belong to
# -a|--append-groups - comma-separated list of supplemental groups to append to the new user
# -h|--home - the home directory for the new user
# -s|--system - whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_user_exists() {
local user="${1:?user is missing}"
local uid=""
local group=""
local append_groups=""
local home=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --uid)
shift
uid="${1:?missing uid}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
-a | --append-groups)
shift
append_groups="${1:?missing append_groups}"
;;
-h | --home)
shift
home="${1:?missing home directory}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! user_exists "$user"; then
local -a user_args=("-N" "$user")
if [[ -n "$uid" ]]; then
if user_exists "$uid"; then
error "The UID $uid is already in use."
return 1
fi
user_args+=("--uid" "$uid")
else
$is_system_user && user_args+=("--system")
fi
useradd "${user_args[@]}" >/dev/null 2>&1
fi
if [[ -n "$group" ]]; then
local -a group_args=("$group")
$is_system_user && group_args+=("--system")
ensure_group_exists "${group_args[@]}"
usermod -g "$group" "$user" >/dev/null 2>&1
fi
if [[ -n "$append_groups" ]]; then
local -a groups
read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")"
for group in "${groups[@]}"; do
ensure_group_exists "$group"
usermod -aG "$group" "$user" >/dev/null 2>&1
done
fi
if [[ -n "$home" ]]; then
mkdir -p "$home"
usermod -d "$home" "$user" >/dev/null 2>&1
configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group"
fi
}
########################
# Check if the script is currently running as root
# Arguments:
# $1 - user
# $2 - group
# Returns:
# Boolean
#########################
am_i_root() {
if [[ "$(id -u)" = "0" ]]; then
true
else
false
fi
}
########################
# Print OS metadata
# Arguments:
# $1 - Flag name
# Flags:
# --id - Distro ID
# --version - Distro version
# --branch - Distro branch
# --codename - Distro codename
# Returns:
# String
#########################
get_os_metadata() {
local -r flag_name="${1:?missing flag}"
# Helper function
get_os_release_metadata() {
local -r env_name="${1:?missing environment variable name}"
(
. /etc/os-release
echo "${!env_name}"
)
}
case "$flag_name" in
--id)
get_os_release_metadata ID
;;
--version)
get_os_release_metadata VERSION_ID
;;
--branch)
get_os_release_metadata VERSION_ID | sed 's/\..*//'
;;
--codename)
get_os_release_metadata VERSION_CODENAME
;;
*)
error "Unknown flag ${flag_name}"
return 1
;;
esac
}
########################
# Get total memory available
# Arguments:
# None
# Returns:
# Memory in bytes
#########################
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# None
# Flags:
# --memory - memory size (optional)
# Returns:
# Detected instance size
#########################
get_machine_size() {
local memory=""
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
--memory)
shift
memory="${1:?missing memory}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if [[ -z "$memory" ]]; then
debug "Memory was not specified, detecting available memory automatically"
memory="$(get_total_memory)"
fi
sanitized_memory=$(convert_to_mb "$memory")
if [[ "$sanitized_memory" -gt 26000 ]]; then
echo 2xlarge
elif [[ "$sanitized_memory" -gt 13000 ]]; then
echo xlarge
elif [[ "$sanitized_memory" -gt 6000 ]]; then
echo large
elif [[ "$sanitized_memory" -gt 3000 ]]; then
echo medium
elif [[ "$sanitized_memory" -gt 1500 ]]; then
echo small
else
echo micro
fi
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# $1 - memory size (optional)
# Returns:
# Detected instance size
#########################
get_supported_machine_sizes() {
echo micro small medium large xlarge 2xlarge
}
########################
# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048)
# Globals:
# None
# Arguments:
# $1 - memory size
# Returns:
# Result of the conversion
#########################
convert_to_mb() {
local amount="${1:-}"
if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then
size="${BASH_REMATCH[1]}"
unit="${BASH_REMATCH[2]}"
if [[ "$unit" = "g" || "$unit" = "G" ]]; then
amount="$((size * 1024))"
else
amount="$size"
fi
fi
echo "$amount"
}
#########################
# Redirects output to /dev/null if debug mode is disabled
# Globals:
# BITNAMI_DEBUG
# Arguments:
# $@ - Command to execute
# Returns:
# None
#########################
debug_execute() {
if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then
"$@"
else
"$@" >/dev/null 2>&1
fi
}
########################
# Retries a command a given number of times
# Arguments:
# $1 - cmd (as a string)
# $2 - max retries. Default: 12
# $3 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
retry_while() {
local cmd="${1:?cmd is missing}"
local retries="${2:-12}"
local sleep_time="${3:-5}"
local return_value=1
read -r -a command <<<"$cmd"
for ((i = 1; i <= retries; i += 1)); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}
########################
# Generate a random string
# Arguments:
# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii
# -c|--count - Number of characters, defaults to 32
# Arguments:
# None
# Returns:
# None
# Returns:
# String
#########################
generate_random_string() {
local type="ascii"
local count="32"
local filter
local result
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
-t | --type)
shift
type="$1"
;;
-c | --count)
shift
count="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Validate type
case "$type" in
ascii)
filter="[:print:]"
;;
alphanumeric)
filter="a-zA-Z0-9"
;;
numeric)
filter="0-9"
;;
*)
echo "Invalid type ${type}" >&2
return 1
;;
esac
# Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size
# Note there is a very small chance of strings starting with EOL character
# Therefore, the higher amount of lines read, this will happen less frequently
result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")"
echo "$result"
}
########################
# Create md5 hash from a string
# Arguments:
# $1 - string
# Returns:
# md5 hash - string
#########################
generate_md5_hash() {
local -r str="${1:?missing input string}"
echo -n "$str" | md5sum | awk '{print $1}'
}
########################
# Create sha1 hash from a string
# Arguments:
# $1 - string
# $2 - algorithm - 1 (default), 224, 256, 384, 512
# Returns:
# sha1 hash - string
#########################
generate_sha_hash() {
local -r str="${1:?missing input string}"
local -r algorithm="${2:-1}"
echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}'
}
########################
# Converts a string to its hexadecimal representation
# Arguments:
# $1 - string
# Returns:
# hexadecimal representation of the string
#########################
convert_to_hex() {
local -r str=${1:?missing input string}
local -i iterator
local char
for ((iterator = 0; iterator < ${#str}; iterator++)); do
char=${str:iterator:1}
printf '%x' "'${char}"
done
}

122
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh Normal file
View File

@ -0,0 +1,122 @@
#!/bin/bash
#
# Bitnami persistence library
# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libversion.sh
# Functions
########################
# Persist an application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# $2 - List of app files to persist
# Returns:
# true if all steps succeeded, false otherwise
#########################
persist_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Persist the individual files
if [[ "${#files_to_persist[@]}" -le 0 ]]; then
warn "No files are configured to be persisted"
return
fi
pushd "$install_dir" >/dev/null || exit
local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder
local -r tmp_file="/tmp/perms.acl"
for file_to_persist in "${files_to_persist[@]}"; do
if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then
error "Cannot persist '${file_to_persist}' because it does not exist"
return 1
fi
file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")"
file_to_persist_destination="${persist_dir}/${file_to_persist_relative}"
file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")"
# Get original permissions for existing files, which will be applied later
# Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume
getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file"
# Copy directories to the volume
ensure_dir_exists "$file_to_persist_destination_folder"
cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder"
# Restore permissions
pushd "$persist_dir" >/dev/null || exit
if am_i_root; then
setfacl --restore="$tmp_file"
else
# When running as non-root, don't change ownership
setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file")
fi
popd >/dev/null || exit
done
popd >/dev/null || exit
rm -f "$tmp_file"
# Install the persisted files into the installation directory, via symlinks
restore_persisted_app "$@"
}
########################
# Restore a persisted application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# FORCE_MAJOR_UPGRADE
# Arguments:
# $1 - App folder name
# $2 - List of app files to restore
# Returns:
# true if all steps succeeded, false otherwise
#########################
restore_persisted_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Restore the individual persisted files
if [[ "${#files_to_restore[@]}" -le 0 ]]; then
warn "No persisted files are configured to be restored"
return
fi
local file_to_restore_relative file_to_restore_origin file_to_restore_destination
for file_to_restore in "${files_to_restore[@]}"; do
file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")"
# We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed
file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")"
file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")"
rm -rf "$file_to_restore_origin"
ln -sfn "$file_to_restore_destination" "$file_to_restore_origin"
done
}
########################
# Check if an application directory was already persisted
# Globals:
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# Returns:
# true if all steps succeeded, false otherwise
#########################
is_app_initialized() {
local -r app="${1:?missing app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
if ! is_mounted_dir_empty "$persist_dir"; then
true
else
false
fi
}

273
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh Normal file
View File

@ -0,0 +1,273 @@
#!/bin/bash
#
# Library for managing services
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Read the provided pid file and returns a PID
# Arguments:
# $1 - Pid file
# Returns:
# PID
#########################
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
if [[ -f "$pid_file" ]]; then
if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then
echo "$(< "$pid_file")"
fi
fi
}
########################
# Check if a provided PID corresponds to a running service
# Arguments:
# $1 - PID
# Returns:
# Boolean
#########################
is_service_running() {
local pid="${1:?pid is missing}"
kill -0 "$pid" 2>/dev/null
}
########################
# Stop a service by sending a termination signal to its pid
# Arguments:
# $1 - Pid file
# $2 - Signal number (optional)
# Returns:
# None
#########################
stop_service_using_pid() {
local pid_file="${1:?pid file is missing}"
local signal="${2:-}"
local pid
pid="$(get_pid_from_file "$pid_file")"
[[ -z "$pid" ]] || ! is_service_running "$pid" && return
if [[ -n "$signal" ]]; then
kill "-${signal}" "$pid"
else
kill "$pid"
fi
local counter=10
while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do
sleep 1
counter=$((counter - 1))
done
}
########################
# Start cron daemon
# Arguments:
# None
# Returns:
# true if started correctly, false otherwise
#########################
cron_start() {
if [[ -x "/usr/sbin/cron" ]]; then
/usr/sbin/cron
elif [[ -x "/usr/sbin/crond" ]]; then
/usr/sbin/crond
else
false
fi
}
########################
# Generate a cron configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Command
# Flags:
# --run-as - User to run as (default: root)
# --schedule - Cron schedule configuration (default: * * * * *)
# Returns:
# None
#########################
generate_cron_conf() {
local service_name="${1:?service name is missing}"
local cmd="${2:?command is missing}"
local run_as="root"
local schedule="* * * * *"
local clean="true"
local clean="true"
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--run-as)
shift
run_as="$1"
;;
--schedule)
shift
schedule="$1"
;;
--no-clean)
clean="false"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p /etc/cron.d
if "$clean"; then
echo "${schedule} ${run_as} ${cmd}" > /etc/cron.d/"$service_name"
else
echo "${schedule} ${run_as} ${cmd}" >> /etc/cron.d/"$service_name"
fi
}
########################
# Remove a cron configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_cron_conf() {
local service_name="${1:?service name is missing}"
local cron_conf_dir="/etc/monit/conf.d"
rm -f "${cron_conf_dir}/${service_name}"
}
########################
# Generate a monit configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Pid file
# $3 - Start command
# $4 - Stop command
# Flags:
# --disable - Whether to disable the monit configuration
# Returns:
# None
#########################
generate_monit_conf() {
local service_name="${1:?service name is missing}"
local pid_file="${2:?pid file is missing}"
local start_command="${3:?start command is missing}"
local stop_command="${4:?stop command is missing}"
local monit_conf_dir="/etc/monit/conf.d"
local disabled="no"
# Parse optional CLI flags
shift 4
while [[ "$#" -gt 0 ]]; do
case "$1" in
--disable)
disabled="yes"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
is_boolean_yes "$disabled" && conf_suffix=".disabled"
mkdir -p "$monit_conf_dir"
cat >"${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <<EOF
check process ${service_name}
with pidfile "${pid_file}"
start program = "${start_command}" with timeout 90 seconds
stop program = "${stop_command}" with timeout 90 seconds
EOF
}
########################
# Remove a monit configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_monit_conf() {
local service_name="${1:?service name is missing}"
local monit_conf_dir="/etc/monit/conf.d"
rm -f "${monit_conf_dir}/${service_name}.conf"
}
########################
# Generate a logrotate configuration file
# Arguments:
# $1 - Service name
# $2 - Log files pattern
# Flags:
# --period - Period
# --rotations - Number of rotations to store
# --extra - Extra options (Optional)
# Returns:
# None
#########################
generate_logrotate_conf() {
local service_name="${1:?service name is missing}"
local log_path="${2:?log path is missing}"
local period="weekly"
local rotations="150"
local extra=""
local logrotate_conf_dir="/etc/logrotate.d"
local var_name
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--period|--rotations|--extra)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "$var_name"="${1:?"$var_name" is missing}"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p "$logrotate_conf_dir"
cat <<EOF | sed '/^\s*$/d' >"${logrotate_conf_dir}/${service_name}"
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
$(indent "$extra" 2)
}
EOF
}
########################
# Remove a logrotate configuration file
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_logrotate_conf() {
local service_name="${1:?service name is missing}"
local logrotate_conf_dir="/etc/logrotate.d"
rm -f "${logrotate_conf_dir}/${service_name}"
}

264
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libvalidations.sh Normal file
View File

@ -0,0 +1,264 @@
#!/bin/bash
#
# Validation functions library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Check if the provided argument is an integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a positive integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean or is the string 'yes/true'
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean yes/no value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean true/false value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean 1/0 value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_1_0_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^[10]$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is an empty string or not defined
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
true
else
false
fi
}
########################
# Validate if the provided argument is a valid port
# Arguments:
# $1 - Port to validate
# Returns:
# Boolean and error message
#########################
validate_port() {
local value
local unprivileged=0
# Parse flags
while [[ "$#" -gt 0 ]]; do
case "$1" in
-unprivileged)
unprivileged=1
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [[ "$#" -gt 1 ]]; then
echo "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
stderr_print "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
echo "the value is empty"
return 1
else
if ! is_int "$value"; then
echo "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
echo "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
echo "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
echo "privileged port requested"
return 3
fi
fi
}
########################
# Validate if the provided argument is a valid IPv4 address
# Arguments:
# $1 - IP to validate
# Returns:
# Boolean
#########################
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")"
[[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \
&& ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]]
stat=$?
fi
return $stat
}
########################
# Validate a string format
# Arguments:
# $1 - String to validate
# Returns:
# Boolean
#########################
validate_string() {
local string
local min_length=-1
local max_length=-1
# Parse flags
while [ "$#" -gt 0 ]; do
case "$1" in
-min-length)
shift
min_length=${1:-}
;;
-max-length)
shift
max_length=${1:-}
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [ "$#" -gt 1 ]; then
stderr_print "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
stderr_print "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
echo "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
echo "string length is great than $max_length"
return 1
fi
}

49
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh Normal file
View File

@ -0,0 +1,49 @@
#!/bin/bash
#
# Library for managing versions strings
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Gets semantic version
# Arguments:
# $1 - version: string to extract major.minor.patch
# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch
# Returns:
# array with the major, minor and release
#########################
get_sematic_version () {
local version="${1:?version is required}"
local section="${2:?section is required}"
local -a version_sections
#Regex to parse versions: x.y.z
local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?'
if [[ "$version" =~ $regex ]]; then
local i=1
local j=1
local n=${#BASH_REMATCH[*]}
while [[ $i -lt $n ]]; do
if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then
version_sections[$j]=${BASH_REMATCH[$i]}
((j++))
fi
((i++))
done
local number_regex='^[0-9]+$'
if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then
echo "${version_sections[$section]}"
return
else
stderr_print "Section allowed values are: 1, 2, and 3"
return 1
fi
fi
}

458
containers/discourse/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh Normal file
View File

@ -0,0 +1,458 @@
#!/bin/bash
#
# Bitnami web server handler library
# shellcheck disable=SC1090,SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
########################
# Execute a command (or list of commands) with the web server environment and library loaded
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_execute() {
local -r web_server="${1:?missing web server}"
shift
# Run program in sub-shell to avoid web server environment getting loaded when not necessary
(
. "/opt/bitnami/scripts/lib${web_server}.sh"
. "/opt/bitnami/scripts/${web_server}-env.sh"
"$@"
)
}
########################
# Prints the list of enabled web servers
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_list() {
local -r -a supported_web_servers=(apache nginx)
local -a existing_web_servers=()
for web_server in "${supported_web_servers[@]}"; do
[[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server")
done
echo "${existing_web_servers[@]:-}"
}
########################
# Prints the currently-enabled web server type (only one, in order of preference)
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_type() {
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
echo "${web_servers[0]:-}"
}
########################
# Validate that a supported web server is configured
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_validate() {
local error_code=0
local supported_web_servers=("apache" "nginx")
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then
print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}"
elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then
print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable."
fi
return "$error_code"
}
########################
# Check whether the web server is running
# Globals:
# *
# Arguments:
# None
# Returns:
# true if the web server is running, false otherwise
#########################
is_web_server_running() {
"is_$(web_server_type)_running"
}
########################
# Start web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_start() {
info "Starting $(web_server_type) in background"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh"
}
########################
# Stop web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_stop() {
info "Stopping $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh"
}
########################
# Restart web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_restart() {
info "Restarting $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh"
}
########################
# Reload web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_reload() {
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh"
}
########################
# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on which configuration template to use
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --disable - Whether to render server configurations with a .disabled prefix
# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix
# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix
# --http-port - HTTP port number
# --https-port - HTTPS port number
# --document-root - Path to document root directory
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default)
# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default)
# --apache-before-vhost-configuration - Configuration to add before the <VirtualHost> directive (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined)
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-proxy-address - Address where to proxy requests
# --apache-proxy-configuration - Extra configuration for the proxy
# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost
# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined)
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# --nginx-external-configuration - Configuration external to server block (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_app_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--disable \
| --disable-http \
| --disable-https \
)
apache_args+=("$1")
nginx_args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --type \
| --allow-remote-connections \
| --http-port \
| --https-port \
| --document-root \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-additional-http-configuration \
| --apache-additional-https-configuration \
| --apache-before-vhost-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-proxy-address \
| --apache-proxy-configuration \
| --apache-proxy-http-configuration \
| --apache-proxy-https-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "${2:?missing value}")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration \
| --nginx-external-configuration)
nginx_args+=("${1//nginx-/}" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Returns:
# true if the configuration was disabled, false otherwise
########################
ensure_web_server_app_configuration_not_exists() {
local app="${1:?missing app}"
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app"
done
}
########################
# Ensure the web server loads the configuration for an application in a URL prefix
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --document-root - Path to document root directory
# --prefix - URL prefix from where it will be accessible (i.e. /myapp)
# --type - Application type, which has an effect on what configuration template will be used
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no')
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_prefix_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--allow-remote-connections \
| --document-root \
| --prefix \
| --type \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "$2")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration)
nginx_args+=("${1//nginx-/}" "$2")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --enable-http - Enable HTTP app configuration (if not enabled already)
# --enable-https - Enable HTTPS app configuration (if not enabled already)
# --disable-http - Disable HTTP app configuration (if not disabled already)
# --disable-https - Disable HTTPS app configuration (if not disabled already)
# --http-port - HTTP port number
# --https-port - HTTPS port number
# Returns:
# true if the configuration was updated, false otherwise
########################
web_server_update_app_configuration() {
local app="${1:?missing app}"
shift
local -a args web_servers
args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--enable-http \
| --enable-https \
| --disable-http \
| --disable-https \
)
args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --http-port \
| --https-port \
)
args+=("$1" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}"
done
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_enable_loading_page() {
ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \
--apache-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
RedirectMatch 503 ^/$
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
ErrorDocument 404 /index.html
ErrorDocument 503 /index.html" \
--nginx-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
location / {
return 503;
}
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
error_page 404 @installing;
error_page 503 @installing;
location @installing {
rewrite ^(.*)$ /index.html break;
}"
web_server_reload
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_disable_install_page() {
ensure_web_server_app_configuration_not_exists "__loading"
web_server_reload
}

24
containers/discourse/2/debian-11/prebuildfs/usr/sbin/install_packages Executable file
View File

@ -0,0 +1,24 @@
#!/bin/sh
set -e
set -u
export DEBIAN_FRONTEND=noninteractive
n=0
max=2
until [ $n -gt $max ]; do
set +e
(
apt-get update -qq &&
apt-get install -y --no-install-recommends "$@"
)
CODE=$?
set -e
if [ $CODE -eq 0 ]; then
break
fi
if [ $n -eq $max ]; then
exit $CODE
fi
echo "apt failed, retrying"
n=$(($n + 1))
done
rm -r /var/lib/apt/lists /var/cache/apt/archives

163
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse-env.sh Normal file
View File

@ -0,0 +1,163 @@
#!/bin/bash
#
# Environment configuration for discourse
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-discourse}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
discourse_env_vars=(
DISCOURSE_DATA_TO_PERSIST
DISCOURSE_ENABLE_HTTPS
DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER
DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER
DISCOURSE_HOST
DISCOURSE_PORT_NUMBER
DISCOURSE_SKIP_BOOTSTRAP
DISCOURSE_SITE_NAME
DISCOURSE_ENV
DISCOURSE_PRECOMPILE_ASSETS
DISCOURSE_ENABLE_CONF_PERSISTENCE
DISCOURSE_EXTRA_CONF_CONTENT
DISCOURSE_PASSENGER_SPAWN_METHOD
DISCOURSE_PASSENGER_EXTRA_FLAGS
DISCOURSE_USERNAME
DISCOURSE_PASSWORD
DISCOURSE_EMAIL
DISCOURSE_FIRST_NAME
DISCOURSE_LAST_NAME
DISCOURSE_SMTP_HOST
DISCOURSE_SMTP_PORT_NUMBER
DISCOURSE_SMTP_USER
DISCOURSE_SMTP_PASSWORD
DISCOURSE_SMTP_PROTOCOL
DISCOURSE_SMTP_AUTH
DISCOURSE_DATABASE_HOST
DISCOURSE_DATABASE_PORT_NUMBER
DISCOURSE_DATABASE_NAME
DISCOURSE_DATABASE_USER
DISCOURSE_DATABASE_PASSWORD
DISCOURSE_REDIS_HOST
DISCOURSE_REDIS_PORT_NUMBER
DISCOURSE_REDIS_PASSWORD
DISCOURSE_HOSTNAME
DISCOURSE_SKIP_INSTALL
SMTP_HOST
SMTP_PORT
DISCOURSE_SMTP_PORT
SMTP_USER
SMTP_PASSWORD
SMTP_PROTOCOL
SMTP_AUTH
POSTGRESQL_HOST
POSTGRESQL_PORT_NUMBER
DISCOURSE_POSTGRESQL_NAME
DISCOURSE_POSTGRESQL_USERNAME
DISCOURSE_POSTGRESQL_PASSWORD
REDIS_HOST
REDIS_PORT_NUMBER
REDIS_PASSWORD
)
for env_var in "${discourse_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset discourse_env_vars
# Paths
export DISCOURSE_BASE_DIR="${BITNAMI_ROOT_DIR}/discourse"
export DISCOURSE_CONF_FILE="${DISCOURSE_BASE_DIR}/config/discourse.conf"
export PATH="${BITNAMI_ROOT_DIR}/common/bin:${BITNAMI_ROOT_DIR}/brotli/bin:${BITNAMI_ROOT_DIR}/git/bin:${PATH}"
# Discourse persistence configuration
export DISCOURSE_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/discourse"
export DISCOURSE_DATA_TO_PERSIST="${DISCOURSE_DATA_TO_PERSIST:-plugins public/backups public/uploads}"
# System users (when running with a privileged user)
export DISCOURSE_DAEMON_USER="discourse"
export DISCOURSE_DAEMON_GROUP="discourse"
# Discourse configuration
export DISCOURSE_ENABLE_HTTPS="${DISCOURSE_ENABLE_HTTPS:-no}"
export DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER="${DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER:-80}"
export DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER="${DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER:-443}"
DISCOURSE_HOST="${DISCOURSE_HOST:-"${DISCOURSE_HOSTNAME:-}"}"
export DISCOURSE_HOST="${DISCOURSE_HOST:-www.example.com}"
export DISCOURSE_PORT_NUMBER="${DISCOURSE_PORT_NUMBER:-3000}"
DISCOURSE_SKIP_BOOTSTRAP="${DISCOURSE_SKIP_BOOTSTRAP:-"${DISCOURSE_SKIP_INSTALL:-}"}"
export DISCOURSE_SKIP_BOOTSTRAP="${DISCOURSE_SKIP_BOOTSTRAP:-}" # only used during the first initialization
export DISCOURSE_SITE_NAME="${DISCOURSE_SITE_NAME:-My site!}" # only used during the first initialization
export DISCOURSE_ENV="${DISCOURSE_ENV:-production}"
export DISCOURSE_PRECOMPILE_ASSETS="${DISCOURSE_PRECOMPILE_ASSETS:-yes}"
export DISCOURSE_ENABLE_CONF_PERSISTENCE="${DISCOURSE_ENABLE_CONF_PERSISTENCE:-no}"
export DISCOURSE_EXTRA_CONF_CONTENT="${DISCOURSE_EXTRA_CONF_CONTENT:-yes}"
export DISCOURSE_PASSENGER_SPAWN_METHOD="${DISCOURSE_PASSENGER_SPAWN_METHOD:-direct}"
export DISCOURSE_PASSENGER_EXTRA_FLAGS="${DISCOURSE_PASSENGER_EXTRA_FLAGS:-}"
# Discourse credentials
export DISCOURSE_USERNAME="${DISCOURSE_USERNAME:-user}" # only used during the first initialization
export DISCOURSE_PASSWORD="${DISCOURSE_PASSWORD:-bitnami123}" # only used during the first initialization
export DISCOURSE_EMAIL="${DISCOURSE_EMAIL:-user@example.com}" # only used during the first initialization
export DISCOURSE_FIRST_NAME="${DISCOURSE_FIRST_NAME:-UserName}" # only used during the first initialization
export DISCOURSE_LAST_NAME="${DISCOURSE_LAST_NAME:-LastName}" # only used during the first initialization
# Discourse SMTP credentials
DISCOURSE_SMTP_HOST="${DISCOURSE_SMTP_HOST:-"${SMTP_HOST:-}"}"
export DISCOURSE_SMTP_HOST="${DISCOURSE_SMTP_HOST:-}"
DISCOURSE_SMTP_PORT_NUMBER="${DISCOURSE_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}"
DISCOURSE_SMTP_PORT_NUMBER="${DISCOURSE_SMTP_PORT_NUMBER:-"${DISCOURSE_SMTP_PORT:-}"}"
export DISCOURSE_SMTP_PORT_NUMBER="${DISCOURSE_SMTP_PORT_NUMBER:-}"
DISCOURSE_SMTP_USER="${DISCOURSE_SMTP_USER:-"${SMTP_USER:-}"}"
export DISCOURSE_SMTP_USER="${DISCOURSE_SMTP_USER:-}"
DISCOURSE_SMTP_PASSWORD="${DISCOURSE_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}"
export DISCOURSE_SMTP_PASSWORD="${DISCOURSE_SMTP_PASSWORD:-}"
DISCOURSE_SMTP_PROTOCOL="${DISCOURSE_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}"
export DISCOURSE_SMTP_PROTOCOL="${DISCOURSE_SMTP_PROTOCOL:-}"
DISCOURSE_SMTP_AUTH="${DISCOURSE_SMTP_AUTH:-"${SMTP_AUTH:-}"}"
export DISCOURSE_SMTP_AUTH="${DISCOURSE_SMTP_AUTH:-login}"
# Database configuration
export DISCOURSE_DEFAULT_DATABASE_HOST="postgresql" # only used at build time
DISCOURSE_DATABASE_HOST="${DISCOURSE_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}"
export DISCOURSE_DATABASE_HOST="${DISCOURSE_DATABASE_HOST:-$DISCOURSE_DEFAULT_DATABASE_HOST}"
DISCOURSE_DATABASE_PORT_NUMBER="${DISCOURSE_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}"
export DISCOURSE_DATABASE_PORT_NUMBER="${DISCOURSE_DATABASE_PORT_NUMBER:-5432}"
DISCOURSE_DATABASE_NAME="${DISCOURSE_DATABASE_NAME:-"${DISCOURSE_POSTGRESQL_NAME:-}"}"
export DISCOURSE_DATABASE_NAME="${DISCOURSE_DATABASE_NAME:-bitnami_discourse}"
DISCOURSE_DATABASE_USER="${DISCOURSE_DATABASE_USER:-"${DISCOURSE_POSTGRESQL_USERNAME:-}"}"
export DISCOURSE_DATABASE_USER="${DISCOURSE_DATABASE_USER:-bn_discourse}"
DISCOURSE_DATABASE_PASSWORD="${DISCOURSE_DATABASE_PASSWORD:-"${DISCOURSE_POSTGRESQL_PASSWORD:-}"}"
export DISCOURSE_DATABASE_PASSWORD="${DISCOURSE_DATABASE_PASSWORD:-}"
# Redis configuration
export DISCOURSE_DEFAULT_REDIS_HOST="redis" # only used at build time
DISCOURSE_REDIS_HOST="${DISCOURSE_REDIS_HOST:-"${REDIS_HOST:-}"}"
export DISCOURSE_REDIS_HOST="${DISCOURSE_REDIS_HOST:-$DISCOURSE_DEFAULT_REDIS_HOST}"
DISCOURSE_REDIS_PORT_NUMBER="${DISCOURSE_REDIS_PORT_NUMBER:-"${REDIS_PORT_NUMBER:-}"}"
export DISCOURSE_REDIS_PORT_NUMBER="${DISCOURSE_REDIS_PORT_NUMBER:-6379}"
DISCOURSE_REDIS_PASSWORD="${DISCOURSE_REDIS_PASSWORD:-"${REDIS_PASSWORD:-}"}"
export DISCOURSE_REDIS_PASSWORD="${DISCOURSE_REDIS_PASSWORD:-}"
# Custom environment variables may be defined below

32
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh Executable file
View File

@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load libraries
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libdiscourse.sh
cd "$DISCOURSE_BASE_DIR"
# Based on https://github.com/discourse/discourse/blob/master/bin/docker/sidekiq
START_CMD=(
"bundle" "exec" "sidekiq"
"-q" "critical" "-q" "low" "-q" "default" "-q" "ultra_low" # Queues; the order is important
"-e" "$DISCOURSE_ENV"
)
info "** Starting Sidekiq **"
if am_i_root; then
exec gosu "$DISCOURSE_DAEMON_USER" "${START_CMD[@]}" "$@"
else
exec "${START_CMD[@]}" "$@"
fi

28
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/setup.sh Executable file
View File

@ -0,0 +1,28 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load PostgreSQL Client environment for 'postgresql_remote_execute' (after 'discourse-env.sh' so that MODULE is not set to a wrong value)
if [[ -f /opt/bitnami/scripts/postgresql-client-env.sh ]]; then
. /opt/bitnami/scripts/postgresql-client-env.sh
elif [[ -f /opt/bitnami/scripts/postgresql-env.sh ]]; then
. /opt/bitnami/scripts/postgresql-env.sh
fi
# Load libraries
. /opt/bitnami/scripts/libdiscourse.sh
. /opt/bitnami/scripts/libdiscoursesidekiq.sh
# Ensure Discourse environment variables are valid
discourse_validate
# Ensure Discourse is initialized
discourse_sidekiq_initialize

31
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse/entrypoint.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load libraries
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/liblog.sh
print_welcome_page
if [[ "$1" = "/opt/bitnami/scripts/discourse/run.sh" ]]; then
/opt/bitnami/scripts/postgresql-client/setup.sh
/opt/bitnami/scripts/discourse/setup.sh
/post-init.sh
info "** Discourse setup finished! **"
elif [[ "$1" = "/opt/bitnami/scripts/discourse-sidekiq/run.sh" ]]; then
/opt/bitnami/scripts/discourse-sidekiq/setup.sh
/post-init.sh
info "** Sidekiq setup finished! **"
fi
echo ""
exec "$@"

46
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse/postunpack.sh Executable file
View File

@ -0,0 +1,46 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load libraries
. /opt/bitnami/scripts/libdiscourse.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
# Ensure the Discourse base directory exists and has proper permissions
info "Configuring file permissions for Discourse"
ensure_user_exists "$DISCOURSE_DAEMON_USER" --group "$DISCOURSE_DAEMON_GROUP" --system
# The backups and uploads directories are created at runtime after persistence logic, making it fail, so we create them here
declare -a writable_dirs=(
# Skipping DISCOURSE BASE_DIR intentionally because it contains a lot of files/folders that should not be writable
"$DISCOURSE_VOLUME_DIR"
# Folders to persist
"${DISCOURSE_BASE_DIR}/plugins"
"${DISCOURSE_BASE_DIR}/public/backups"
"${DISCOURSE_BASE_DIR}/public/uploads"
# Folders that need to be writable for the app to work
"${DISCOURSE_BASE_DIR}/app/assets"
"${DISCOURSE_BASE_DIR}/log"
"${DISCOURSE_BASE_DIR}/public"
"${DISCOURSE_BASE_DIR}/tmp"
# Avoid Bundle usage warnings by creating a .bundler folder in the home directory
"$(su "$DISCOURSE_DAEMON_USER" -s "$SHELL" -c "echo ~/.bundle")"
)
for dir in "${writable_dirs[@]}"; do
ensure_dir_exists "$dir"
# Use daemon:root ownership for compatibility when running as a non-root user
configure_permissions_ownership "$dir" -d "775" -f "664" -u "$DISCOURSE_DAEMON_USER" -g "root"
done
# Required for running as non-root users, for persistence logic to work properly
# Using g+rwx/g+rw instead of explicit 775/664 permissions because Discourse includes executable binaries in different subfolders
configure_permissions_ownership "$DISCOURSE_BASE_DIR" -d "g+rwx" -f "g+rw" -u "$DISCOURSE_DAEMON_USER" -g "root"

36
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse/run.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load libraries
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libdiscourse.sh
cd "$DISCOURSE_BASE_DIR"
declare -a cmd=(
"bundle" "exec" "passenger" "start"
"--user" "$DISCOURSE_DAEMON_USER"
"-e" "$DISCOURSE_ENV"
"-p" "$DISCOURSE_PORT_NUMBER"
"--spawn-method" "$DISCOURSE_PASSENGER_SPAWN_METHOD"
)
# Append extra flags specified via environment variables
if [[ -n "$DISCOURSE_PASSENGER_EXTRA_FLAGS" ]]; then
declare -a passenger_extra_flags
read -r -a passenger_extra_flags <<< "$DISCOURSE_PASSENGER_EXTRA_FLAGS"
[[ "${#passenger_extra_flags[@]}" -gt 0 ]] && cmd+=("${passenger_extra_flags[@]}")
fi
info "** Starting Discourse **"
exec "${cmd[@]}" "$@"

27
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse/setup.sh Executable file
View File

@ -0,0 +1,27 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load PostgreSQL Client environment for 'postgresql_remote_execute' (after 'discourse-env.sh' so that MODULE is not set to a wrong value)
if [[ -f /opt/bitnami/scripts/postgresql-client-env.sh ]]; then
. /opt/bitnami/scripts/postgresql-client-env.sh
elif [[ -f /opt/bitnami/scripts/postgresql-env.sh ]]; then
. /opt/bitnami/scripts/postgresql-env.sh
fi
# Load libraries
. /opt/bitnami/scripts/libdiscourse.sh
# Ensure Discourse environment variables are valid
discourse_validate
# Ensure Discourse is initialized
discourse_initialize

17
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/discourse/updatehost.sh Executable file
View File

@ -0,0 +1,17 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Discourse environment
. /opt/bitnami/scripts/discourse-env.sh
# Load libraries
. /opt/bitnami/scripts/libdiscourse.sh
info "Updating configuration file"
discourse_set_hostname "${1:?missing host}"

448
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh Normal file
View File

@ -0,0 +1,448 @@
#!/bin/bash
#
# Bitnami Discourse library
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libnet.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libpersistence.sh
. /opt/bitnami/scripts/libservice.sh
# Load database library
if [[ -f /opt/bitnami/scripts/libpostgresqlclient.sh ]]; then
. /opt/bitnami/scripts/libpostgresqlclient.sh
elif [[ -f /opt/bitnami/scripts/libpostgresql.sh ]]; then
. /opt/bitnami/scripts/libpostgresql.sh
fi
########################
# Validate settings in DISCOURSE_* env vars
# Globals:
# DISCOURSE_*
# Arguments:
# None
# Returns:
# 0 if the validation succeeded, 1 otherwise
#########################
discourse_validate() {
debug "Validating settings in DISCOURSE_* environment variables..."
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
check_empty_value() {
if is_empty_value "${!1}"; then
print_validation_error "${1} must be set"
fi
}
check_yes_no_value() {
if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then
print_validation_error "The allowed values for ${1} are: yes no"
fi
}
check_multi_value() {
if [[ " ${2} " != *" ${!1} "* ]]; then
print_validation_error "The allowed values for ${1} are: ${2}"
fi
}
check_resolved_hostname() {
if ! is_hostname_resolved "$1"; then
warn "Hostname ${1} could not be resolved, this could lead to connection issues"
fi
}
check_password_length() {
local password_var="${1:?missing password_var}"
local length="${2:?missing length}"
local password="${!1}"
if [[ "${#password}" -lt "$length" ]]; then
print_validation_error "${password_var} must be at least ${length} characters"
fi
}
check_valid_port() {
local port_var="${1:?missing port variable}"
local err
if ! err="$(validate_port "${!port_var}")"; then
print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}."
fi
}
# Warn users in case the configuration file is not writable
is_file_writable "$DISCOURSE_CONF_FILE" || warn "The Discourse configuration file '${DISCOURSE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
# Validate user inputs
check_empty_value "DISCOURSE_HOST"
check_multi_value "DISCOURSE_ENV" "development production test"
check_multi_value "DISCOURSE_PASSENGER_SPAWN_METHOD" "direct smart"
check_password_length "DISCOURSE_PASSWORD" 10
! is_empty_value "$DISCOURSE_ENABLE_HTTPS" && check_yes_no_value "DISCOURSE_ENABLE_HTTPS"
! is_empty_value "$DISCOURSE_SKIP_BOOTSTRAP" && check_yes_no_value "DISCOURSE_SKIP_BOOTSTRAP"
! is_empty_value "$DISCOURSE_DATABASE_HOST" && check_resolved_hostname "$DISCOURSE_DATABASE_HOST"
! is_empty_value "$DISCOURSE_DATABASE_PORT_NUMBER" && check_valid_port "DISCOURSE_DATABASE_PORT_NUMBER"
! is_empty_value "$DISCOURSE_REDIS_HOST" && check_resolved_hostname "$DISCOURSE_REDIS_HOST"
! is_empty_value "$DISCOURSE_REDIS_PORT_NUMBER" && check_valid_port "DISCOURSE_REDIS_PORT_NUMBER"
if ! is_file_writable "$DISCOURSE_CONF_FILE"; then
warn "The Discourse configuration file ${DISCOURSE_CONF_FILE} is not writable. Configurations specified via environment variables will not be applied to this file."
is_boolean_yes "$DISCOURSE_ENABLE_CONF_PERSISTENCE" && warn "The DISCOURSE_ENABLE_CONF_PERSISTENCE configuration is enabled but the ${DISCOURSE_CONF_FILE} file is not writable. The file will not be persisted."
fi
# Validate credentials
if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then
warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment."
else
# Do not throw an error yet, since the option did not exist before and it would break upgrades
for empty_env_var in "DISCOURSE_DATABASE_PASSWORD" "DISCOURSE_REDIS_PASSWORD"; do
is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments."
done
fi
# Validate SMTP credentials
if ! is_empty_value "$DISCOURSE_SMTP_HOST"; then
for empty_env_var in "DISCOURSE_SMTP_USER" "DISCOURSE_SMTP_PASSWORD"; do
is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set."
done
is_empty_value "$DISCOURSE_SMTP_PORT_NUMBER" && print_validation_error "The DISCOURSE_SMTP_PORT_NUMBER environment variable is empty or not set."
! is_empty_value "$DISCOURSE_SMTP_PORT_NUMBER" && check_valid_port "DISCOURSE_SMTP_PORT_NUMBER"
! is_empty_value "$DISCOURSE_SMTP_PROTOCOL" && check_multi_value "DISCOURSE_SMTP_PROTOCOL" "ssl tls"
check_multi_value "DISCOURSE_SMTP_AUTH" "plain login cram_md5"
fi
return "$error_code"
}
########################
# Ensure Discourse is initialized
# Globals:
# DISCOURSE_*
# Arguments:
# None
# Returns:
# None
#########################
discourse_initialize() {
local -a postgresql_remote_execute_args=("$DISCOURSE_DATABASE_HOST" "$DISCOURSE_DATABASE_PORT_NUMBER" "$DISCOURSE_DATABASE_NAME" "$DISCOURSE_DATABASE_USER" "$DISCOURSE_DATABASE_PASSWORD")
if ! is_dir_empty "${DISCOURSE_BASE_DIR}/mounted-conf"; then
info "Detected mounted configuration files, copying to Discourse config directory"
cp -r "${DISCOURSE_BASE_DIR}/mounted-conf/"* "$DISCOURSE_CONF_DIR"
fi
if is_file_writable "$DISCOURSE_CONF_FILE"; then
if is_boolean_yes "$DISCOURSE_ENABLE_CONF_PERSISTENCE"; then
DISCOURSE_DATA_TO_PERSIST+=" ${DISCOURSE_CONF_FILE}"
# Avoid restarts causing config file recreation due to symlink still being present
rm -f "$DISCOURSE_CONF_FILE"
fi
info "Creating Discourse configuration file"
discourse_create_conf_file
fi
# Check if Discourse has already been initialized and persisted in a previous run
local -r app_name="discourse"
if ! is_app_initialized "$app_name"; then
# Ensure Discourse persisted directories exist (i.e. when a volume has been mounted to /bitnami)
info "Ensuring Discourse directories exist"
ensure_dir_exists "$DISCOURSE_VOLUME_DIR"
# Use daemon:root ownership for compatibility when running as a non-root user
am_i_root && configure_permissions_ownership "$DISCOURSE_VOLUME_DIR" -d "775" -f "664" -u "$DISCOURSE_DAEMON_USER" -g "root"
info "Trying to connect to the database server"
discourse_wait_for_postgresql_connection "${postgresql_remote_execute_args[@]}"
# The below steps are used to install Discourse, based on the below installation template:
# https://github.com/discourse/discourse_docker/blob/master/templates/web.template.yml
# Some things like auto-updates for plugins and themes are intentionally skipped since pre-installation is not yet supported
# Populate database
info "Populating database"
discourse_rake_execute db:migrate
if is_boolean_yes "$DISCOURSE_SKIP_BOOTSTRAP"; then
info "An already initialized Discourse database was provided, configuration will be skipped"
else
info "Creating admin user"
discourse_ensure_admin_user_exists "$DISCOURSE_USERNAME" "$DISCOURSE_PASSWORD" "$DISCOURSE_EMAIL" "${DISCOURSE_FIRST_NAME} ${DISCOURSE_LAST_NAME}"
fi
info "Persisting Discourse installation"
persist_app "$app_name" "$DISCOURSE_DATA_TO_PERSIST"
else
info "Restoring persisted Discourse installation"
restore_persisted_app "$app_name" "$DISCOURSE_DATA_TO_PERSIST"
info "Trying to connect to the database server"
discourse_wait_for_postgresql_connection "${postgresql_remote_execute_args[@]}"
info "Running database migrations"
discourse_rake_execute db:migrate
fi
if is_boolean_yes "$DISCOURSE_PRECOMPILE_ASSETS"; then
info "Precompiling assets, this may take some time..."
discourse_rake_execute assets:precompile
else
# The precompilation of CSS assets also populates the 'stylesheet_cache' table, requiring also a DB connection
# And since the DB is not available at build time, it is impossible to build CSS assets at build time
# Note: The info log is intentionally misleading, to avoid confusion for users when disabling DISCOURSE_PRECOMPILE_ASSETS
info "Populating CSS cache in database"
discourse_rake_execute assets:precompile:css
fi
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Add or modify an entry in the Discourse configuration file
# Globals:
# DISCOURSE_*
# Arguments:
# $1 - Variable name
# $2 - Value to assign to the variable
# Returns:
# None
#########################
discourse_conf_set() {
local -r key="${1:?key missing}"
local -r value="${2:-}"
debug "Setting ${key} to '${value}' in Discourse configuration"
# Sanitize key (sed does not support fixed string substitutions)
local sanitized_pattern
sanitized_pattern="^\s*(#\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=\s*(.*)"
local entry="${key} = ${value}"
# Check if the configuration exists in the file
if grep -q -E "$sanitized_pattern" "$DISCOURSE_CONF_FILE"; then
# It exists, so replace the line
replace_in_file "$DISCOURSE_CONF_FILE" "$sanitized_pattern" "$entry"
else
echo "$entry" >> "$DISCOURSE_CONF_FILE"
fi
}
########################
# Create and populate the Discourse configuration for the current environment
# Globals:
# DISCOURSE_*
# Arguments:
# None
# Returns:
# None
#########################
discourse_create_conf_file() {
# Based on: https://github.com/discourse/discourse/blob/master/config/discourse_defaults.conf
touch "$DISCOURSE_CONF_FILE"
discourse_set_hostname "$DISCOURSE_HOST"
# Database credentials
discourse_conf_set "db_host" "$DISCOURSE_DATABASE_HOST"
discourse_conf_set "db_port" "$DISCOURSE_DATABASE_PORT_NUMBER"
discourse_conf_set "db_username" "$DISCOURSE_DATABASE_USER"
discourse_conf_set "db_password" "$DISCOURSE_DATABASE_PASSWORD"
discourse_conf_set "db_name" "$DISCOURSE_DATABASE_NAME"
# Redis credentials
discourse_conf_set "redis_host" "$DISCOURSE_REDIS_HOST"
discourse_conf_set "redis_port" "$DISCOURSE_REDIS_PORT_NUMBER"
discourse_conf_set "redis_password" "$DISCOURSE_REDIS_PASSWORD"
# SMTP credentials
if ! is_empty_value "$DISCOURSE_SMTP_HOST"; then
info "Enabling SMTP"
discourse_conf_set "smtp_address" "$DISCOURSE_SMTP_HOST"
discourse_conf_set "smtp_port" "$DISCOURSE_SMTP_PORT_NUMBER"
discourse_conf_set "smtp_user_name" "$DISCOURSE_SMTP_USER"
discourse_conf_set "smtp_password" "$DISCOURSE_SMTP_PASSWORD"
discourse_conf_set "smtp_enable_start_tls" "$([[ "$DISCOURSE_SMTP_PROTOCOL" = "tls" ]] && echo "true" || echo "false")"
discourse_conf_set "smtp_authentication" "$DISCOURSE_SMTP_AUTH"
fi
# Extra configuration
! is_empty_value "$DISCOURSE_EXTRA_CONF_CONTENT" && echo "$DISCOURSE_EXTRA_CONF_CONTENT" >> "$DISCOURSE_CONF_FILE"
}
########################
# Wait until the database is accessible with the currently-known credentials
# Globals:
# *
# Arguments:
# $1 - database host
# $2 - database port
# $3 - database name
# $4 - database username
# $5 - database user password (optional)
# Returns:
# true if the database connection succeeded, false otherwise
#########################
discourse_wait_for_postgresql_connection() {
local -r db_host="${1:?missing database host}"
local -r db_port="${2:?missing database port}"
local -r db_name="${3:?missing database name}"
local -r db_user="${4:?missing database user}"
local -r db_pass="${5:-}"
check_postgresql_connection() {
echo "SELECT 1" | postgresql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass"
}
if ! retry_while "check_postgresql_connection"; then
error "Could not connect to the database"
return 1
fi
}
########################
# Wait until Redis is accessible
# Globals:
# *
# Arguments:
# $1 - Redis host
# $2 - Redis port
# Returns:
# true if the Redis connection succeeded, false otherwise
#########################
discourse_wait_for_redis_connection() {
local -r redis_host="${1:?missing Redis host}"
local -r redis_port="${2:?missing Redis port}"
if ! retry_while "debug_execute wait-for-port --timeout 5 --host ${redis_host} ${redis_port}"; then
error "Could not connect to Redis"
return 1
fi
}
########################
# Executes Bundler with the proper environment and the specified arguments and print result to stdout
# Globals:
# DISCOURSE_*
# Arguments:
# $1..$n - Arguments to pass to the CLI call
# Returns:
# None
#########################
discourse_bundle_execute_print_output() {
# Avoid creating unnecessary cache files at initialization time
local -a cmd=("bundle" "exec" "$@")
# Run as application user to avoid having to change permissions/ownership afterwards
am_i_root && cmd=("gosu" "$DISCOURSE_DAEMON_USER" "${cmd[@]}")
(
export RAILS_ENV="$DISCOURSE_ENV"
cd "$DISCOURSE_BASE_DIR" || false
"${cmd[@]}"
)
}
########################
# Executes Bundler with the proper environment and the specified arguments
# Globals:
# DISCOURSE_*
# Arguments:
# $1..$n - Arguments to pass to the CLI call
# Returns:
# None
#########################
discourse_bundle_execute() {
debug_execute discourse_bundle_execute_print_output "$@"
}
########################
# Executes the 'rake' CLI with the proper Bundler environment and the specified arguments and print result to stdout
# Globals:
# DISCOURSE_*
# Arguments:
# $1..$n - Arguments to pass to the CLI call
# Returns:
# None
#########################
discourse_rake_execute_print_output() {
discourse_bundle_execute_print_output "rake" "$@"
}
########################
# Executes the 'rake' CLI with the proper Bundler environment and the specified arguments
# Globals:
# DISCOURSE_*
# Arguments:
# $1..$n - Arguments to pass to the CLI call
# Returns:
# None
#########################
discourse_rake_execute() {
debug_execute discourse_rake_execute_print_output "$@"
}
########################
# Executes the commands specified via stdin in the Rails console for Discourse
# Globals:
# DISCOURSE_*
# Arguments:
# None
# Returns:
# None
#########################
discourse_console_execute() {
local rails_cmd
rails_cmd="$(</dev/stdin)"
debug "Executing script with console environment:\n${rails_cmd}"
discourse_bundle_execute ruby -e "$(cat <<EOF
require File.expand_path("/opt/bitnami/discourse/config/environment", __FILE__)
${rails_cmd}
EOF
)"
}
########################
# Create an admin user for Discourse
# Globals:
# DISCOURSE_*
# Arguments:
# $1 - Admin username
# $2 - Admin password
# $3 - Admin e-mail
# $4 - Admin full name
# Returns:
# None
#########################
discourse_ensure_admin_user_exists() {
local -r username="${1:?missing username}"
local -r password="${2:?missing password}"
local -r email="${3:?missing email}"
local -r full_name="${4:?missing full_name}"
# Based on logic from 'lib/tasks/admin.rake'
# We also try to avoid any error in case the user already exists
discourse_console_execute <<EOF
admin = User.find_by_email("${email}")
admin = User.new if admin.nil?
admin.username = "${username}"
admin.password = "${password}"
admin.email = "${email}"
admin.name = "${full_name}"
admin.active = true
admin.save
errors = admin.errors.full_messages
unless errors.empty?
puts errors.join("\\n")
exit 1
end
admin.grant_admin!
admin.activate
EOF
}
########################
# Set Discourse application hostname, for URLs generation
# Globals:
# DISCOURSE_*
# Arguments:
# $1 - Hostname
# Returns:
# None
#########################
discourse_set_hostname() {
local discourse_server_host="${1:?missing host}"
if is_boolean_yes "$DISCOURSE_ENABLE_HTTPS"; then
[[ "$DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER" != "443" ]] && discourse_server_host+=":${DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER}"
else
[[ "$DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER" != "80" ]] && discourse_server_host+=":${DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER}"
fi
discourse_conf_set "hostname" "$discourse_server_host"
}

151
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/libdiscoursesidekiq.sh Normal file
View File

@ -0,0 +1,151 @@
#!/bin/bash
#
# Bitnami Discourse library
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libnet.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libpersistence.sh
. /opt/bitnami/scripts/libservice.sh
. /opt/bitnami/scripts/libdiscourse.sh
# Load database library
if [[ -f /opt/bitnami/scripts/libpostgresqlclient.sh ]]; then
. /opt/bitnami/scripts/libpostgresqlclient.sh
elif [[ -f /opt/bitnami/scripts/libpostgresql.sh ]]; then
. /opt/bitnami/scripts/libpostgresql.sh
fi
########################
# Ensure Discourse Sidekiq is initialized
# Globals:
# DISCOURSE_*
# Arguments:
# None
# Returns:
# None
#########################
discourse_sidekiq_initialize() {
local -a postgresql_remote_execute_args=("$DISCOURSE_DATABASE_HOST" "$DISCOURSE_DATABASE_PORT_NUMBER" "$DISCOURSE_DATABASE_NAME" "$DISCOURSE_DATABASE_USER" "$DISCOURSE_DATABASE_PASSWORD")
# This function will create required Sidekiq configuration, and wait for external services to be ready
# There is no additional configuration needed since Sidekiq is only a daemon that runs on top of Discourse code
if ! is_dir_empty "${DISCOURSE_BASE_DIR}/mounted-conf"; then
info "Detected mounted configuration files, copying to Discourse config directory"
cp -r "${DISCOURSE_BASE_DIR}/mounted-conf/"* "$DISCOURSE_CONF_DIR"
fi
if is_file_writable "$DISCOURSE_CONF_FILE"; then
if is_boolean_yes "$DISCOURSE_ENABLE_CONF_PERSISTENCE"; then
DISCOURSE_DATA_TO_PERSIST+=" ${DISCOURSE_CONF_FILE}"
# Avoid restarts causing config file recreation due to symlink still being present
rm -f "$DISCOURSE_CONF_FILE"
fi
info "Creating Discourse configuration file"
discourse_create_conf_file
fi
# Check if Discourse has already been initialized and persisted in a previous run
local -r app_name="discourse"
if ! is_app_initialized "$app_name"; then
# Ensure Discourse persisted directories exist (i.e. when a volume has been mounted to /bitnami)
info "Ensuring Sidekiq directories exist"
ensure_dir_exists "$DISCOURSE_VOLUME_DIR"
# Use daemon:root ownership for compatibility when running as a non-root user
am_i_root && configure_permissions_ownership "$DISCOURSE_VOLUME_DIR" -d "775" -f "664" -u "$DISCOURSE_DAEMON_USER" -g "root"
info "Trying to connect to the database server"
discourse_wait_for_postgresql_connection "${postgresql_remote_execute_args[@]}"
info "Trying to connect to the Redis server"
discourse_wait_for_redis_connection "$DISCOURSE_REDIS_HOST" "$DISCOURSE_REDIS_PORT_NUMBER"
info "Waiting for the Discourse database to be populated"
discourse_sidekiq_wait_for_migrations
info "Persisting Sidekiq installation"
persist_app "$app_name" "$DISCOURSE_DATA_TO_PERSIST"
else
info "Restoring persisted Discourse installation"
restore_persisted_app "$app_name" "$DISCOURSE_DATA_TO_PERSIST"
info "Trying to connect to the database server"
discourse_wait_for_postgresql_connection "${postgresql_remote_execute_args[@]}"
info "Trying to connect to the Redis server"
discourse_wait_for_redis_connection "$DISCOURSE_REDIS_HOST" "$DISCOURSE_REDIS_PORT_NUMBER"
fi
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Wait until all Discourse migrations are executed
# Arguments:
# None
# Returns:
# Boolean
#########################
discourse_sidekiq_wait_for_migrations() {
# Wait for the database to be populated for up to 5 minutes
local -r retries="60"
local -r sleep_time="5"
check_migrations_done() {
local migrate_status
migrate_status="$(discourse_rake_execute_print_output db:migrate:status 2>&1)"
# Check that all migrations have been executed
[[ "$migrate_status" = *" up "* && ! "$migrate_status" = *" down "* ]]
}
if ! retry_while "check_migrations_done" "$retries" "$sleep_time"; then
error "Timeout waiting for the Discourse database to be populated"
return 1
fi
}
########################
# Check if sidekiq daemons are running
# Arguments:
# None
# Returns:
# Boolean
#########################
discourse_is_sidekiq_running() {
# sidekiq does not create any PID file
# We regenerate the PID file for each time we query it to avoid getting outdated
pgrep -f "^sidekiq" > "$DISCOURSE_SIDEKIQ_PID_FILE"
pid="$(get_pid_from_file "$DISCOURSE_SIDEKIQ_PID_FILE")"
if [[ -n "$pid" ]]; then
is_service_running "$pid"
else
false
fi
}
########################
# Check if sidekiq daemons are not running
# Arguments:
# None
# Returns:
# Boolean
#########################
discourse_is_sidekiq_not_running() {
! discourse_is_sidekiq_running
}
########################
# Stop sidekiq daemons
# Arguments:
# None
# Returns:
# None
#########################
discourse_sidekiq_stop() {
! discourse_is_sidekiq_running && return
stop_service_using_pid "$DISCOURSE_SIDEKIQ_PID_FILE"
}

417
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh Normal file
View File

@ -0,0 +1,417 @@
#!/bin/bash
#
# Bitnami PostgreSQL Client library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libvalidations.sh
########################
# Validate settings in POSTGRESQL_CLIENT_* environment variables
# Globals:
# POSTGRESQL_CLIENT_*
# Arguments:
# None
# Returns:
# None
#########################
postgresql_client_validate() {
info "Validating settings in POSTGRESQL_CLIENT_* env vars"
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
empty_password_enabled_warn() {
warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment."
}
empty_password_error() {
print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development."
}
# Only validate environment variables if any action needs to be performed
local -a database_names
read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")"
if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then
if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then
empty_password_enabled_warn
else
if [[ -z "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" ]]; then
empty_password_error "POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
fi
if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && [[ -z "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then
empty_password_error "POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD"
fi
fi
fi
# When enabling extensions, the DB name must be provided
local -a extensions
read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")"
if [[ "${#database_names[@]}" -le 0 && "${#extensions[@]}" -gt 0 ]]; then
print_validation_error "POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS requires POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES to be set."
fi
return "$error_code"
}
########################
# Perform actions to a database
# Globals:
# POSTGRESQL_CLIENT_*
# Arguments:
# None
# Returns:
# None
#########################
postgresql_client_initialize() {
local -a database_names
read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")"
# Wait for the database to be accessible if any action needs to be performed
if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then
info "Trying to connect to the database server"
check_postgresql_connection() {
echo "SELECT 1" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
}
if ! retry_while "check_postgresql_connection"; then
error "Could not connect to the database server"
return 1
fi
fi
# Ensure a database user exists in the server
if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]]; then
info "Creating database user ${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME}"
local -a args=("$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER")
[[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD")
postgresql_ensure_user_exists "${args[@]}"
fi
# Ensure a database exists in the server (and that the user has write privileges, if specified)
if [[ "${#database_names[@]}" -gt 0 ]]; then
local -a createdb_args extensions
read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")"
for database_name in "${database_names[@]}"; do
info "Creating database ${database_name}"
createdb_args=("$database_name" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER")
[[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && createdb_args+=("-u" "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME")
postgresql_ensure_database_exists "${createdb_args[@]}"
# Ensure the list of extensions are enabled in the specified database
if [[ "${#extensions[@]}" -gt 0 ]]; then
for extension_to_create in "${extensions[@]}"; do
echo "CREATE EXTENSION IF NOT EXISTS ${extension_to_create}" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "$database_name" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
done
fi
done
fi
# Execute a custom SQL script
if [[ -n "$POSTGRESQL_CLIENT_EXECUTE_SQL" ]]; then
info "Executing custom SQL script"
echo "$POSTGRESQL_CLIENT_EXECUTE_SQL" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD"
fi
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Return PostgreSQL major version
# Globals:
# POSTGRESQL_*
# Arguments:
# None
# Returns:
# String
#########################
postgresql_get_major_version() {
psql --version | grep -oE "[0-9]+\.[0-9]+" | grep -oE "^[0-9]+"
}
########################
# Gets an environment variable name based on the suffix
# Arguments:
# $1 - environment variable suffix
# Returns:
# environment variable name
#########################
get_env_var_value() {
local env_var_suffix="${1:?missing suffix}"
local env_var_name
for env_var_prefix in POSTGRESQL POSTGRESQL_CLIENT; do
env_var_name="${env_var_prefix}_${env_var_suffix}"
if [[ -n "${!env_var_name:-}" ]]; then
echo "${!env_var_name}"
break
fi
done
}
########################
# Execute an arbitrary query/queries against the running PostgreSQL service and print the output
# Stdin:
# Query/queries to execute
# Globals:
# BITNAMI_DEBUG
# POSTGRESQL_*
# Arguments:
# $1 - Database where to run the queries
# $2 - User to run queries
# $3 - Password
# $4 - Extra options (eg. -tA)
# Returns:
# None
#########################
postgresql_execute_print_output() {
local -r db="${1:-}"
local -r user="${2:-postgres}"
local -r pass="${3:-}"
local opts
read -r -a opts <<<"${@:4}"
local args=("-U" "$user" "-p" "${POSTGRESQL_PORT_NUMBER:-5432}")
[[ -n "$db" ]] && args+=("-d" "$db")
[[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}")
# Execute the Query/queries from stdin
PGPASSWORD=$pass psql "${args[@]}"
}
########################
# Execute an arbitrary query/queries against the running PostgreSQL service
# Stdin:
# Query/queries to execute
# Globals:
# BITNAMI_DEBUG
# POSTGRESQL_*
# Arguments:
# $1 - Database where to run the queries
# $2 - User to run queries
# $3 - Password
# $4 - Extra options (eg. -tA)
# Returns:
# None
#########################
postgresql_execute() {
if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then
"postgresql_execute_print_output" "$@"
elif [[ "${NO_ERRORS:-false}" = true ]]; then
"postgresql_execute_print_output" "$@" 2>/dev/null
else
"postgresql_execute_print_output" "$@" >/dev/null 2>&1
fi
}
########################
# Execute an arbitrary query/queries against a remote PostgreSQL service and print to stdout
# Stdin:
# Query/queries to execute
# Globals:
# BITNAMI_DEBUG
# DB_*
# Arguments:
# $1 - Remote PostgreSQL service hostname
# $2 - Remote PostgreSQL service port
# $3 - Database where to run the queries
# $4 - User to run queries
# $5 - Password
# $6 - Extra options (eg. -tA)
# Returns:
# None
postgresql_remote_execute_print_output() {
local -r hostname="${1:?hostname is required}"
local -r port="${2:?port is required}"
local -a args=("-h" "$hostname" "-p" "$port")
shift 2
"postgresql_execute_print_output" "$@" "${args[@]}"
}
########################
# Execute an arbitrary query/queries against a remote PostgreSQL service
# Stdin:
# Query/queries to execute
# Globals:
# BITNAMI_DEBUG
# DB_*
# Arguments:
# $1 - Remote PostgreSQL service hostname
# $2 - Remote PostgreSQL service port
# $3 - Database where to run the queries
# $4 - User to run queries
# $5 - Password
# $6 - Extra options (eg. -tA)
# Returns:
# None
postgresql_remote_execute() {
if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then
"postgresql_remote_execute_print_output" "$@"
elif [[ "${NO_ERRORS:-false}" = true ]]; then
"postgresql_remote_execute_print_output" "$@" 2>/dev/null
else
"postgresql_remote_execute_print_output" "$@" >/dev/null 2>&1
fi
}
########################
# Optionally create the given database user
# Flags:
# -p|--password - database password
# --host - database host
# --port - database port
# Arguments:
# $1 - user
# Returns:
# None
#########################
postgresql_ensure_user_exists() {
local -r user="${1:?user is missing}"
local password=""
# For accessing an external database
local db_host=""
local db_port=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-p | --password)
shift
password="${1:?missing password}"
;;
--host)
shift
db_host="${1:?missing database host}"
;;
--port)
shift
db_port="${1:?missing database port}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
local -a postgresql_execute_cmd=("postgresql_execute")
[[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port")
local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)")
"${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <<EOF
DO
\$do\$
BEGIN
IF NOT EXISTS (
SELECT FROM pg_catalog.pg_roles WHERE rolname = '${user}'
) THEN
CREATE ROLE "${user}" LOGIN PASSWORD '${password}';
END IF;
END
\$do\$;
EOF
}
########################
# Ensure a user has all privileges to access a database
# Arguments:
# $1 - database name
# $2 - database user
# $3 - database host (optional)
# $4 - database port (optional)
# Returns:
# None
#########################
postgresql_ensure_user_has_database_privileges() {
local -r user="${1:?user is required}"
local -r database="${2:?db is required}"
local -r db_host="${3:-}"
local -r db_port="${4:-}"
local -a postgresql_execute_cmd=("postgresql_execute")
[[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port")
local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)")
debug "Providing privileges to username ${user} on database ${database}"
"${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <<EOF
GRANT ALL PRIVILEGES ON DATABASE "${database}" TO "${user}";
ALTER DATABASE "${database}" OWNER TO "${user}";
EOF
}
########################
# Optionally create the given database, and then optionally give a user
# full privileges on the database.
# Flags:
# -u|--user - database user
# --host - database host
# --port - database port
# Arguments:
# $1 - database name
# Returns:
# None
#########################
postgresql_ensure_database_exists() {
local -r database="${1:?database is missing}"
local user=""
# For accessing an external database
local db_host=""
local db_port=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-u | --user)
shift
user="${1:?missing database user}"
;;
--host)
shift
db_host="${1:?missing database host}"
;;
--port)
shift
db_port="${1:?missing database port}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
local -a postgresql_execute_cmd=("postgresql_execute")
[[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port")
local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)")
"${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <<EOF
SELECT 'CREATE DATABASE "${database}"'
WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${database}')\gexec
EOF
if [[ -n "$user" ]]; then
local -a grant_flags=("$user" "$database")
[[ -n "$db_host" ]] && grant_flags+=("$db_host")
[[ -n "$db_port" ]] && grant_flags+=("$db_port")
postgresql_ensure_user_has_database_privileges "${grant_flags[@]}"
fi
}
########################
# Retrieves the WAL directory in use by PostgreSQL / to use if not initialized yet
# Globals:
# REPMGR_*
# Arguments:
# None
# Returns:
# the path to the WAL directory, or empty if not set
#########################
postgresql_get_waldir() {
if [[ -L "${POSTGRESQL_DATA_DIR}/pg_wal" && -d "${POSTGRESQL_DATA_DIR}/pg_wal" ]]; then
readlink -f "${POSTGRESQL_DATA_DIR}/pg_wal"
else
# Uninitialized - using value from $POSTGRESQL_INITDB_WAL_DIR if set
echo "$POSTGRESQL_INITDB_WAL_DIR"
fi
}

86
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh Normal file
View File

@ -0,0 +1,86 @@
#!/bin/bash
#
# Environment configuration for postgresql-client
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-postgresql-client}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
postgresql_client_env_vars=(
ALLOW_EMPTY_PASSWORD
POSTGRESQL_CLIENT_DATABASE_HOST
POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER
POSTGRESQL_CLIENT_POSTGRES_USER
POSTGRESQL_CLIENT_POSTGRES_PASSWORD
POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES
POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME
POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD
POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS
POSTGRESQL_CLIENT_EXECUTE_SQL
POSTGRESQL_HOST
POSTGRESQL_PORT_NUMBER
POSTGRESQL_CLIENT_ROOT_USER
POSTGRESQL_POSTGRES_USER
POSTGRESQL_ROOT_USER
POSTGRESQL_CLIENT_ROOT_PASSWORD
POSTGRESQL_POSTGRES_PASSWORD
POSTGRESQL_ROOT_PASSWORD
POSTGRESQL_CLIENT_CREATE_DATABASE_NAME
POSTGRESQL_CLIENT_CREATE_DATABASE_USER
)
for env_var in "${postgresql_client_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset postgresql_client_env_vars
# Paths
export POSTGRESQL_BASE_DIR="/opt/bitnami/postgresql"
export POSTGRESQL_BIN_DIR="$POSTGRESQL_BASE_DIR/bin"
export PATH="${POSTGRESQL_BIN_DIR}:${PATH}"
# PostgreSQL settings
export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}"
POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}"
export POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-postgresql}"
POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}"
export POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-5432}"
POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_CLIENT_ROOT_USER:-}"}"
POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_POSTGRES_USER:-}"}"
POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_ROOT_USER:-}"}"
export POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-postgres}" # only used during the first initialization
POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_CLIENT_ROOT_PASSWORD:-}"}"
POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_POSTGRES_PASSWORD:-}"}"
POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_ROOT_PASSWORD:-}"}"
export POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-}" # only used during the first initialization
POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_NAME:-}"}"
export POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-}" # only used during the first initialization
POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_USER:-}"}"
export POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-}" # only used during the first initialization
export POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD="${POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" # only used during the first initialization
export POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS="${POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS:-}" # only used during the first initialization
export POSTGRESQL_CLIENT_EXECUTE_SQL="${POSTGRESQL_CLIENT_EXECUTE_SQL:-}" # only used during the first initialization
# Custom environment variables may be defined below

19
containers/discourse/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh Executable file
View File

@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libpostgresqlclient.sh
# Load PostgreSQL Client environment variables
. /opt/bitnami/scripts/postgresql-client-env.sh
# Ensure PostgreSQL Client environment variables settings are valid
postgresql_client_validate
# Ensure PostgreSQL Client is initialized
postgresql_client_initialize

31
containers/discourse/2/debian-11/rootfs/post-init.d/ruby.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
#
# Executes custom Ruby init scripts
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".rb" ]] && continue
info "Executing ${custom_init_script} with Ruby interpreter"
ruby "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

36
containers/discourse/2/debian-11/rootfs/post-init.d/shell.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
#
# Executes custom Bash init scripts
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".sh" ]] && continue
if [[ -x "$custom_init_script" ]]; then
info "Executing ${custom_init_script}"
"$custom_init_script" || failure="1"
else
info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail"
. "$custom_init_script"
fi
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

50
containers/discourse/2/debian-11/rootfs/post-init.d/sql-postgresql.sh Executable file
View File

@ -0,0 +1,50 @@
#!/bin/bash
#
# Executes custom PostgreSQL (.sql or .sql.gz) init scripts
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
postgresql_execute() {
local -r sql_file="${1:?missing file}"
if [[ -n "$POSTGRESQL_PASSWORD" ]]; then
export PGPASSWORD=$POSTGRESQL_PASSWORD
fi
local -a psql=("psql")
if [[ -n "${POSTGRESQL_USER:-}" ]]; then
psql+=("-U" "$POSTGRESQL_USER")
else
psql+=("-U" "$POSTGRESQL_USERNAME")
fi
if [[ "$sql_file" == *".sql" ]]; then
"${psql[@]}" -f "$sql_file" || failure=$?
elif [[ "$sql_file" == *".sql.gz" ]]; then
gunzip -c "$sql_file" | "${psql[@]}" || failure=$?
fi
return "$failure"
}
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue
info "Executing ${custom_init_script}"
postgresql_execute "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

23
containers/discourse/2/debian-11/rootfs/post-init.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Only execute init scripts once
if [[ ! -f "/bitnami/discourse/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then
read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)"
if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/discourse/.user_scripts_initialized" ]]; then
mkdir -p "/bitnami/discourse"
for init_script in "${init_scripts[@]}"; do
for init_script_type_handler in /post-init.d/*.sh; do
"$init_script_type_handler" "$init_script"
done
done
fi
touch "/bitnami/discourse/.user_scripts_initialized"
fi

617
containers/discourse/README.md Normal file
View File

@ -0,0 +1,617 @@
# Discourse&reg; packaged by Bitnami
## What is Discourse&reg;?
> Discourse is an open source discussion platform with built-in moderation and governance systems that let discussion communities protect themselves from bad actors even without official moderators.
[Overview of Discourse&reg;](http://www.discourse.org/)
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
## TL;DR
```console
$ curl -sSL https://raw.githubusercontent.com/bitnami/bitnami-docker-discourse/master/docker-compose.yml > docker-compose.yml
$ docker-compose up -d
```
**Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment.
## Why use Bitnami Images?
- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems.
- With Bitnami images the latest bug fixes and features are available as soon as possible.
- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs.
- All our images are based on [minideb](https://github.com/bitnami/minideb) a minimalist Debian based container image which gives you a small base container image and the familiarity of a leading Linux distribution.
- All Bitnami images available in Docker Hub are signed with [Docker Content Trust (DCT)](https://docs.docker.com/engine/security/trust/content_trust/). You can use `DOCKER_CONTENT_TRUST=1` to verify the integrity of the images.
- Bitnami container images are released on a regular basis with the latest distribution packages available.
## Supported tags and respective `Dockerfile` links
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).
- [`2`, `2-debian-11`, `2.8.6`, `2.8.6-debian-11-r1`, `latest` (2/debian-11/Dockerfile)](https://github.com/bitnami/bitnami-docker-discourse/blob/2.8.6-debian-11-r1/2/debian-11/Dockerfile)
Subscribe to project updates by watching the [bitnami/discourse GitHub repo](https://github.com/bitnami/bitnami-docker-discourse).
## Get this image
The recommended way to get the Bitnami Discourse Docker Image is to pull the prebuilt image from the [Docker Hub Registry](https://hub.docker.com/r/bitnami/discourse).
```console
$ docker pull bitnami/discourse:latest
```
To use a specific version, you can pull a versioned tag. You can view the [list of available versions](https://hub.docker.com/r/bitnami/discourse/tags/) in the Docker Hub Registry.
```console
$ docker pull bitnami/discourse:[TAG]
```
If you wish, you can also build the image yourself.
```console
$ docker build -t bitnami/discourse:latest 'https://github.com/bitnami/bitnami-docker-discourse.git#master:2/debian-11'
```
## How to use this image
Discourse requires access to a PostgreSQL database to store information. We'll use the [Bitnami Docker Image for PostgreSQL](https://www.github.com/bitnami/bitnami-docker-postgresql) for the database requirements.
### Run the application using Docker Compose
The main folder of this repository contains a functional [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-discourse/blob/master/docker-compose.yml) file. Run the application using it as shown below:
```console
$ curl -sSL https://raw.githubusercontent.com/bitnami/bitnami-docker-discourse/master/docker-compose.yml > docker-compose.yml
$ docker-compose up -d
```
### Using the Docker Command Line
If you want to run the application manually instead of using `docker-compose`, these are the basic steps you need to run:
#### Step 1: Create a network
```console
$ docker network create discourse-network
```
#### Step 2: Create a volume for PostgreSQL persistence and create a PostgreSQL container
```console
$ docker volume create --name postgresql_data
$ docker run -d --name postgresql \
--env ALLOW_EMPTY_PASSWORD=yes \
--env POSTGRESQL_USERNAME=bn_discourse \
--env POSTGRESQL_PASSWORD=bitnami123 \
--env POSTGRESQL_DATABASE=bitnami_discourse \
--network discourse-network \
--volume postgresql_data:/bitnami/postgresql \
bitnami/postgresql:latest
```
#### Step 3: Create a volume for Redis persistence and create a Redis container
```console
$ docker volume create --name redis_data
$ docker run -d --name redis \
--env ALLOW_EMPTY_PASSWORD=yes \
--network discourse-network \
--volume redis_data:/bitnami/redis \
bitnami/redis:latest
```
#### Step 4: Create volumes for Discourse persistence and launch the container
```console
$ docker volume create --name discourse_data
$ docker run -d --name discourse \
-p 8080:8080 -p 8443:8443 \
--env ALLOW_EMPTY_PASSWORD=yes \
--env DISCOURSE_DATABASE_USER=bn_discourse \
--env DISCOURSE_DATABASE_PASSWORD=bitnami123 \
--env DISCOURSE_DATABASE_NAME=bitnami_discourse \
--env DISCOURSE_HOST=www.example.com \
--network discourse-network \
--volume discourse_data:/bitnami/discourse \
bitnami/discourse:latest
```
#### Step 5: Launch the Sidekiq container
```console
$ docker run -d --name sidekiq \
--network discourse-network \
--volume discourse_data:/bitnami/discourse \
bitnami/discourse:latest /opt/bitnami/scripts/discourse-sidekiq/run.sh
```
Access your application at `http://your-ip/`
### Troubleshooting discourse
If you need to run discourse administrative commands like [Create admin account from console](https://meta.discourse.org/t/create-admin-account-from-console/17274), you can do so by executing a shell inside the container and running with the proper environment variables.
```
cd /opt/bitnami/discourse
RAILS_ENV=production bundle exec rake admin:create
```
## Persisting your application
If you remove the container all your data will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.
For persistence you should mount a directory at the `/bitnami/discourse` path. If the mounted directory is empty, it will be initialized on the first run. Additionally you should [mount a volume for persistence of the PostgreSQL data](https://github.com/bitnami/bitnami-docker-postgresql#persisting-your-database).
The above examples define the Docker volumes named `postgresql_data` and `discourse_data`. The Discourse application state will persist as long as volumes are not removed.
To avoid inadvertent removal of volumes, you can [mount host directories as data volumes](https://docs.docker.com/engine/tutorials/dockervolumes/). Alternatively you can make use of volume plugins to host the volume data.
### Mount host directories as data volumes with Docker Compose
This requires a minor change to the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-discourse/blob/master/docker-compose.yml) file present in this repository:
```diff
postgresql:
...
volumes:
- - 'postgresql_data:/bitnami/postgresql'
+ - /path/to/postgresql-persistence:/bitnami/postgresql
...
redis:
...
volumes:
- - 'redis_data:/bitnami/redis'
+ - /path/to/redis-persistence:/bitnami/redis
...
discourse:
...
volumes:
- - 'discourse_data:/bitnami/discourse'
+ - /path/to/discourse-persistence:/bitnami/discourse
...
sidekiq:
...
volumes:
- - 'discourse_data:/bitnami/discourse'
+ - /path/to/discourse-persistence:/bitnami/discourse
...
-volumes:
- postgresql_data:
- driver: local
- redis_data:
- driver: local
- discourse_data:
- driver: local
```
### Mount host directories as data volumes using the Docker command line
#### Step 1: Create a network (if it does not exist)
```console
$ docker network create discourse-network
```
#### Step 2. Create a PostgreSQL container with host volume
```console
$ docker run -d --name postgresql \
--env ALLOW_EMPTY_PASSWORD=yes \
--env POSTGRESQL_USERNAME=bn_discourse \
--env POSTGRESQL_PASSWORD=bitnami123 \
--env POSTGRESQL_DATABASE=bitnami_discourse \
--network discourse-network \
--volume /path/to/postgresql-persistence:/bitnami/postgresql \
bitnami/postgresql:latest
```
#### Step 3. Create a Redis container with host volume
```console
$ docker run -d --name redis \
--env ALLOW_EMPTY_PASSWORD=yes \
--network discourse-network \
--volume /path/to/redis-persistence:/bitnami/redis \
bitnami/redis:latest
```
#### Step 4. Create the Discourse container with host volumes
```console
$ docker run -d --name discourse \
-p 8080:8080 -p 8443:8443 \
--env ALLOW_EMPTY_PASSWORD=yes \
--env DISCOURSE_DATABASE_USER=bn_discourse \
--env DISCOURSE_DATABASE_PASSWORD=bitnami123 \
--env DISCOURSE_DATABASE_NAME=bitnami_discourse \
--env DISCOURSE_HOST=www.example.com \
--network discourse-network \
--volume /path/to/discourse-persistence:/bitnami/discourse \
bitnami/discourse:latest
```
#### Step 5. Create the Sidekiq container with host volumes
```console
$ docker run -d --name sidekiq \
--network discourse-network \
--volume /path/to/discourse-persistence:/bitnami/discourse \
bitnami/discourse:latest
```
## Configuration
### Configuration files
You can mount your configuration files to the `/opt/bitnami/discourse/mounted-conf` directory. Make sure that your configuration files follow the standardized names used by Discourse. Some of the most common files include:
- `discourse.conf`
- `database.yml`
- `site_settings.yml`
The set of default standard configuration files may be found [here](https://github.com/discourse/discourse/tree/master/config). You may refer to the the Discourse [webpage](https://www.discourse.org/) for further details and specific configuration guides.
### Environment variables
When you start the Discourse image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable:
- For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-discourse/blob/master/docker-compose.yml) file present in this repository:
```yaml
discourse:
...
environment:
- DISCOURSE_PASSWORD=my_password
...
```
- For manual execution add a `--env` option with each variable and value:
```console
$ docker run -d --name discourse -p 80:8080 -p 443:8443 \
--env DISCOURSE_PASSWORD=my_password \
--network discourse-tier \
--volume /path/to/discourse-persistence:/bitnami \
bitnami/discourse:latest
```
Available environment variables:
##### User and Site configuration
- `DISCOURSE_ENABLE_HTTPS`: Whether to use HTTPS by default. Default: **no**
- `DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER`: Port to used by WordPress to generate URLs and links when accessing using HTTP. Will be ignored if multisite mode is not enabled. Default **80**
- `DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER`: Port to used by WordPress to generate URLs and links when accessing using HTTPS. Will be ignored if multisite mode is not enabled. Default **443**
- `DISCOURSE_USERNAME`: Discourse application username. Default: **user**
- `DISCOURSE_PASSWORD`: Discourse application password. Default: **bitnami123**
- `DISCOURSE_EMAIL`: Discourse application email. Default: **user@example.com**
- `DISCOURSE_FIRST_NAME`: Discourse user first name. Default: **UserName**
- `DISCOURSE_LAST_NAME`: Discourse user last name. Default: **LastName**
- `DISCOURSE_SITE_NAME`: Discourse site name. Default: **My site!**
- `DISCOURSE_HOST`: Discourse hostname to create application URLs for features such as email notifications and emojis. It can be either an IP or a domain. Default: **www.example.com**
- `DISCOURSE_PRECOMPILE_ASSETS`: Whether to precompile assets during the initialization. Required when installing plugins. Default: **yes**
- `DISCOURSE_EXTRA_CONF_CONTENT`: Extra configuration to append to the `discourse.conf` configuration file. No defaults.
- `DISCOURSE_PASSENGER_SPAWN_METHOD`: Passenger method used for spawning application processes. Valid values: direct, smart. Default: **direct**
- `DISCOURSE_PASSENGER_EXTRA_FLAGS`: Extra flags to pass to the Passenger start command. No defaults.
- `DISCOURSE_PORT_NUMBER`: Port number in which Discourse will run. Default: **3000**
- `DISCOURSE_ENV`: Discourse environment mode. Allowed values: *development*, *production*, *test*. Default: **production**
- `DISCOURSE_ENABLE_CONF_PERSISTENCE`: Whether to enable persistence of the Discourse `discourse.conf` configuration file. Default: **no**
- `DISCOURSE_SKIP_BOOTSTRAP`: Whether to skip performing the initial bootstrapping for the application. This is necessary in case you use a database that already has Discourse data. Default: **no**
##### Database connection configuration
- `DISCOURSE_DATABASE_HOST`: Hostname for PostgreSQL server. Default: **postgresql**
- `DISCOURSE_DATABASE_PORT_NUMBER`: Port used by the PostgreSQL server. Default: **5432**
- `DISCOURSE_DATABASE_NAME`: Database name that Discourse will use to connect with the database. Default: **bitnami_discourse**
- `DISCOURSE_DATABASE_USER`: Database user that Discourse will use to connect with the database. Default: **bn_discourse**
- `DISCOURSE_DATABASE_PASSWORD`: Database password that Discourse will use to connect with the database. No defaults.
- `ALLOW_EMPTY_PASSWORD`: It can be used to allow blank passwords. Default: **no**
##### Redis connection configuration
- `DISCOURSE_REDIS_HOST`: Hostname for Redis(R). Default: **redis**
- `DISCOURSE_REDIS_PORT_NUMBER`: Port used by Redis(R). Default: **6379**
- `DISCOURSE_REDIS_PASSWORD`: Password for Redis(R).
##### Create a database for Discourse using postgresql-client
- `POSTGRESQL_CLIENT_DATABASE_HOST`: Hostname for the PostgreSQL server. Default: **postgresql**
- `POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER`: Port used by the PostgreSQL server. Default: **5432**
- `POSTGRESQL_CLIENT_POSTGRES_USER`: Database admin user. Default: **root**
- `POSTGRESQL_CLIENT_POSTGRES_PASSWORD`: Database password for the database admin user. No defaults.
- `POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES`: List of new databases to be created by the postgresql-client module. No defaults.
- `POSTGRESQL_CLIENT_CREATE_DATABASE_USER`: New database user to be created by the postgresql-client module. No defaults.
- `POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD`: Database password for the `POSTGRESQL_CLIENT_CREATE_DATABASE_USER` user. No defaults.
- `POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS`: PostgreSQL extensions to enable in the specified database during the first initialization. No defaults.
- `POSTGRESQL_CLIENT_EXECUTE_SQL`: SQL code to execute in the PostgreSQL server. No defaults.
- `ALLOW_EMPTY_PASSWORD`: It can be used to allow blank passwords. Default: **no**
##### SMTP Configuration
To configure Discourse to send email using SMTP you can set the following environment variables:
- `DISCOURSE_SMTP_HOST`: SMTP host.
- `DISCOURSE_SMTP_PORT`: SMTP port.
- `DISCOURSE_SMTP_USER`: SMTP account user.
- `DISCOURSE_SMTP_PASSWORD`: SMTP account password.
- `DISCOURSE_SMTP_PROTOCOL`: If specified, SMTP protocol to use. Allowed values: tls, ssl. No default.
- `DISCOURSE_SMTP_AUTH`: SMTP authentication method. Allowed values: *login*, *plain*, *cram_md5*. Default: **login**.
#### Examples
##### SMTP configuration using a Gmail account
This would be an example of SMTP configuration using a Gmail account:
- Modify the environment variables used for the `discourse` and `sidekiq` containers in the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-discourse/blob/master/docker-compose.yml) file present in this repository:
```yaml
discourse:
...
environment:
...
- DISCOURSE_SMTP_HOST=smtp.gmail.com
- DISCOURSE_SMTP_PORT=587
- DISCOURSE_SMTP_USER=your_email@gmail.com
- DISCOURSE_SMTP_PASSWORD=your_password
- DISCOURSE_SMTP_PROTOCOL=tls
...
sidekiq:
...
environment:
...
- DISCOURSE_SMTP_HOST=smtp.gmail.com
- DISCOURSE_SMTP_PORT=587
- DISCOURSE_SMTP_USER=your_email@gmail.com
- DISCOURSE_SMTP_PASSWORD=your_password
- DISCOURSE_SMTP_PROTOCOL=tls
...
```
- For manual execution:
- First, create the Discourse container:
```console
$ docker run -d --name discourse -p 80:8080 -p 443:8443 \
--env DISCOURSE_DATABASE_USER=bn_discourse \
--env DISCOURSE_DATABASE_NAME=bitnami_discourse \
--env DISCOURSE_SMTP_HOST=smtp.gmail.com \
--env DISCOURSE_SMTP_PORT=587 \
--env DISCOURSE_SMTP_USER=your_email@gmail.com \
--env DISCOURSE_SMTP_PASSWORD=your_password \
--env DISCOURSE_SMTP_PROTOCOL=tls \
--network discourse-tier \
--volume /path/to/discourse-persistence:/bitnami \
bitnami/discourse:latest
```
- Then, create the Sidekiq container:
```console
$ docker run -d --name sidekiq \
--env DISCOURSE_DATABASE_USER=bn_discourse \
--env DISCOURSE_DATABASE_NAME=bitnami_discourse \
--env DISCOURSE_SMTP_HOST=smtp.gmail.com \
--env DISCOURSE_SMTP_PORT=587 \
--env DISCOURSE_SMTP_USER=your_email@gmail.com \
--env DISCOURSE_SMTP_PASSWORD=your_password \
--env DISCOURSE_SMTP_PROTOCOL=tls \
--network discourse-tier \
--volume /path/to/discourse-persistence:/bitnami \
bitnami/discourse:latest
```
In order to verify your configuration works properly, you can test your configuration parameters from the container itself.
```console
$ docker run -u root -it bitnami/discourse:latest bash
$ install_packages swaks
$ swaks --to your_email@domain.com --from your_email@domain.com --server your.smtp.server.com --auth LOGIN --auth-user your_email@domain.com -tls
```
See the [documentation on troubleshooting SMTP issues](https://docs.bitnami.com/general/how-to/troubleshoot-smtp-issues/) if there are problems.
##### Connect Discourse container to an existing database
The Bitnami Discourse container supports connecting the Discourse application to an external database. This would be an example of using an external database for Discourse.
- Modify the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-discourse/blob/master/docker-compose.yml) file present in this repository:
```diff
discourse:
...
environment:
- - DISCOURSE_DATABASE_HOST=mariadb
+ - DISCOURSE_DATABASE_HOST=mariadb_host
- DISCOURSE_DATABASE_PORT_NUMBER=3306
- DISCOURSE_DATABASE_NAME=discourse_db
- DISCOURSE_DATABASE_USER=discourse_user
- - ALLOW_EMPTY_PASSWORD=yes
+ - DISCOURSE_DATABASE_PASSWORD=discourse_password
...
```
- For manual execution:
```console
$ docker run -d --name discourse\
-p 8080:8080 -p 8443:8443 \
--network discourse-network \
--env DISCOURSE_DATABASE_HOST=mariadb_host \
--env DISCOURSE_DATABASE_PORT_NUMBER=3306 \
--env DISCOURSE_DATABASE_NAME=discourse_db \
--env DISCOURSE_DATABASE_USER=discourse_user \
--env DISCOURSE_DATABASE_PASSWORD=discourse_password \
--volume discourse_data:/bitnami/discourse \
bitnami/discourse:latest
```
In case the database already contains data from a previous Discourse installation, you need to set the variable `DISCOURSE_SKIP_BOOTSTRAP` to `yes`. Otherwise, the container would execute the installation wizard and could modify the existing data in the database. Note that, when setting `DISCOURSE_SKIP_BOOTSTRAP` to `yes`, values for environment variables such as `DISCOURSE_USERNAME`, `DISCOURSE_PASSWORD` or `DISCOURSE_EMAIL` will be ignored.
## Logging
The Bitnami Discourse Docker image sends the container logs to `stdout`. To view the logs:
```console
$ docker logs discourse
```
Or using Docker Compose:
```console
$ docker-compose logs discourse
```
You can configure the containers [logging driver](https://docs.docker.com/engine/admin/logging/overview/) using the `--log-driver` option if you wish to consume the container logs differently. In the default configuration docker uses the `json-file` driver.
## Maintenance
### Backing up your container
To backup your data, configuration and logs, follow these simple steps:
#### Step 1: Stop the currently running container
```console
$ docker stop discourse
```
Or using Docker Compose:
```console
$ docker-compose stop discourse
```
#### Step 2: Run the backup command
We need to mount two volumes in a container we will use to create the backup: a directory on your host to store the backup in, and the volumes from the container we just stopped so we can access the data.
```console
$ docker run --rm -v /path/to/discourse-backups:/backups --volumes-from discourse busybox \
cp -a /bitnami/discourse /backups/latest
```
### Restoring a backup
Restoring a backup is as simple as mounting the backup as volumes in the containers.
For the PostgreSQL database container:
```diff
$ docker run -d --name postgresql \
...
- --volume /path/to/postgresql-persistence:/bitnami/postgresql \
+ --volume /path/to/postgresql-backups/latest:/bitnami/postgresql \
bitnami/postgresql:latest
```
For the Discourse container:
```diff
$ docker run -d --name discourse \
...
- --volume /path/to/discourse-persistence:/bitnami/discourse \
+ --volume /path/to/discourse-backups/latest:/bitnami/discourse \
bitnami/discourse:latest
```
### Upgrade this image
Bitnami provides up-to-date versions of PostgreSQL and Discourse, including security patches, soon after they are made upstream. We recommend that you follow these steps to upgrade your container. We will cover here the upgrade of the Discourse container. For the PostgreSQL upgrade see: https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#upgrade-this-image
The `bitnami/discourse:latest` tag always points to the most recent release. To get the most recent release you can simple repull the `latest` tag from the Docker Hub with `docker pull bitnami/discourse:latest`. However it is recommended to use [tagged versions](https://hub.docker.com/r/bitnami/discourse/tags/).
#### Step 1: Get the updated image
```console
$ docker pull bitnami/discourse:latest
```
#### Step 2: Stop the running container
Stop the currently running container using the command
```console
$ docker-compose stop discourse
```
#### Step 3: Take a snapshot of the application state
Follow the steps in [Backing up your container](#backing-up-your-container) to take a snapshot of the current application state.
#### Step 4: Remove the currently running container
Remove the currently running container by executing the following command:
```console
docker-compose rm -v discourse
```
#### Step 5: Run the new image
Update the image tag in `docker-compose.yml` and re-create your container with the new image:
```console
$ docker-compose up -d
```
# Notable Changes
### 2.7.0-debian-10-r4
- The size of the container image has been decreased.
- The configuration logic is now based on Bash scripts in the *rootfs/* folder.
### 2.4.4-debian-10-r8 release
- Discourse and Sidekiq now make use of the same volume to persist data. This solves issues related to being unable to locate some files generated on-demand by the Sidekiq job scheduler. Related issues: [#142](https://github.com/bitnami/bitnami-docker-discourse/issues/142)
### 2.3.2-debian-9-r48 and 2.3.2-ol-7-r47
- The Discourse container now uses Passenger's ['direct' process spawning method](https://www.phusionpassenger.com/docs/advanced_guides/in_depth/ruby/spawn_methods.html) (instead of the default 'smart'), which fixes a bug where settings would randomly revert back to the original values. This setting may cause an increase in memory usage. It is possible to configure the spawning method by setting the `DISCOURSE_PASSENGER_SPAWN_METHOD` environment variable. Related issues: [#107](https://github.com/bitnami/bitnami-docker-discourse/issues/107), [#109](https://github.com/bitnami/bitnami-docker-discourse/issues/109).
### 2.2.5-debian-9-r9 and 2.2.5-ol-7-r8
- It is now possible to import existing Discourse databases from other installations, as requested in [this ticket](https://github.com/bitnami/bitnami-docker-discourse/issues/82). In order to do this, use the environment variable `DISCOURSE_SKIP_INSTALL`, which forces the container not to run the initial Discourse setup wizard.
## Contributing
We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/bitnami-docker-discourse/issues), or submit a [pull request](https://github.com/bitnami/bitnami-docker-discourse/pulls) with your contribution.
## Issues
If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/bitnami-docker-discourse/issues/new). Be sure to include the following information in your issue:
- Host OS and version
- Docker version (`docker version`)
- Output of `docker info`
- Version of this container
- The command you used to run the container, and any relevant output you saw (masking any sensitive information)
### Community supported solution
Please, note this asset is a community-supported solution. This means that the Bitnami team is not actively working on new features/improvements nor providing support through GitHub Issues. Any new issue will stay open for 20 days to allow the community to contribute, after 15 days without activity the issue will be marked as stale being closed after 5 days.
The Bitnami team will review any PR that is created, feel free to create a PR if you find any issue or want to implement a new feature.
New versions and releases cadence are not going to be affected. Once a new version is released in the upstream project, the Bitnami container image will be updated to use the latest version, supporting the different branches supported by the upstream project as usual.
## License
Copyright &copy; 2022 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

66
containers/discourse/docker-compose.yml Normal file
View File

@ -0,0 +1,66 @@
version: '2'
services:
postgresql:
image: docker.io/bitnami/postgresql:11
volumes:
- 'postgresql_data:/bitnami/postgresql'
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- POSTGRESQL_USERNAME=bn_discourse
- POSTGRESQL_DATABASE=bitnami_discourse
redis:
image: docker.io/bitnami/redis:7.0
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
volumes:
- 'redis_data:/bitnami/redis'
discourse:
image: docker.io/bitnami/discourse:2
ports:
- '80:3000'
volumes:
- 'discourse_data:/bitnami/discourse'
depends_on:
- postgresql
- redis
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- DISCOURSE_HOST=www.example.com
- DISCOURSE_DATABASE_HOST=postgresql
- DISCOURSE_DATABASE_PORT_NUMBER=5432
- DISCOURSE_DATABASE_USER=bn_discourse
- DISCOURSE_DATABASE_NAME=bitnami_discourse
- DISCOURSE_REDIS_HOST=redis
- DISCOURSE_REDIS_PORT_NUMBER=6379
- POSTGRESQL_CLIENT_POSTGRES_USER=postgres
- POSTGRESQL_CLIENT_CREATE_DATABASE_NAME=bitnami_discourse
- POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS=hstore,pg_trgm
sidekiq:
image: docker.io/bitnami/discourse:2
depends_on:
- discourse
volumes:
- 'sidekiq_data:/bitnami/discourse'
command: /opt/bitnami/scripts/discourse-sidekiq/run.sh
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- DISCOURSE_HOST=www.example.com
- DISCOURSE_DATABASE_HOST=postgresql
- DISCOURSE_DATABASE_PORT_NUMBER=5432
- DISCOURSE_DATABASE_USER=bn_discourse
- DISCOURSE_DATABASE_NAME=bitnami_discourse
- DISCOURSE_REDIS_HOST=redis
- DISCOURSE_REDIS_PORT_NUMBER=6379
volumes:
postgresql_data:
driver: local
redis_data:
driver: local
discourse_data:
driver: local
sidekiq_data:
driver: local