diff --git a/.gitignore b/.gitignore index bd48043..7a35c86 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,7 @@ archive/ config/ +settings/ data/ -logs/ \ No newline at end of file +logs/ +.env +test/opt/ \ No newline at end of file diff --git a/build b/build index 70b1ab1..4b45d61 100755 --- a/build +++ b/build @@ -1,8 +1,29 @@ +SDIR=$(dirname "$(realpath "$BASH_SOURCE")") build=${UDBUILD:-$(command -v udbuild)} if [[ $build ]];then -echo copying conf directory into image source before build -/bin/cp -R -p conf/. src/init/opt/caddy/conf -$build -a "$@" -else -echo can not find UCI Docker Build script, run ./install from the uci-docker-build repo + # by sourcing the build script and then calling the build function udbuild + # the build script environment will be availabe in this script + source $build + udbuild load_env_file $@ + udbuild build_src + echo caddy build source at $BUILD_SRC + if [[ $BUILD_CADDY_CONF ]]; then + CONF_DIR=${CONF_DIR:-${PWD}/conf} + if [[ -d $CONF_DIR ]]; then + mkdir -p ${BUILD_SRC}/init/caddy/conf + echo adding caddy conf/ directory $CONF_DIR to build + ls -la $CONF_DIR + /bin/cp -R $CONF_DIR/. ${BUILD_SRC}/init/caddy/conf + fi + fi + BUILD_PKGS=${BUILD_PKGS:-${PWD}/caddy.pkgs} + if [[ -f $BUILD_PKGS ]]; then + echo adding caddy packages at $BUILD_PKGS to build + /bin/cp $BUILD_PKGS ${BUILD_SRC}/init/caddy.pkgs + fi + udbuild "$@" + rm -rf ${BUILD_SRC}/init/caddy/conf/ + rm -f ${BUILD_SRC}/init/caddy.pkgs + else + echo can not find UCI Docker Build script, run ./install from the uci-docker-build repo fi \ No newline at end of file diff --git a/deploy/conf/Caddyfile b/deploy/conf/Caddyfile new file mode 100644 index 0000000..69d814a --- /dev/null +++ b/deploy/conf/Caddyfile 
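Review bot: The cleanup at the end of the `if` branch in `build`, `rm -rf ${BUILD_SRC}/init/caddy/conf/` and `rm -f ${BUILD_SRC}/init/caddy.pkgs`, trusts whatever value `BUILD_SRC` has after `udbuild build_src`; if it is empty, the paths resolve to `/init/caddy/...` on the host. Guard and quote them, e.g. `rm -rf -- "${BUILD_SRC:?}/init/caddy/conf/"`, and quote the other expansions too (`source "$build"`, `udbuild load_env_file "$@"`, `/bin/cp -R "$CONF_DIR/." ...`) so a path containing spaces is not word-split. The cleanup is skipped when the script is interrupted during `udbuild "$@"`, which leaves the copied conf directory in the build source; a `trap ... EXIT` set right after the copy would cover that. The file relies on `[[` and `$BASH_SOURCE` but has no shebang.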
@@ -0,0 +1,17 @@
+# you can use a custom confiuration file
+# copy this to say my.conf
+# then in .env use CONF=my
+# and my.conf will be used instead of Caddyfile
+*.mydomain.net {
+
+ tls email@gmail.com {
+ dns route53 {
+ max_retries 10
+ }
+ }
+
+ @portainer host docker.mydomain.net
+ handle @portainer {
+ reverse_proxy 10.0.0.5:9000
+ }
+}
\ No newline at end of file
diff --git a/deploy/conf/caddy.pkgs b/deploy/conf/caddy.pkgs
new file mode 100755
index 0000000..3ded957
--- /dev/null
+++ b/deploy/conf/caddy.pkgs
@@ -0,0 +1,5 @@
+# comment lines are ignored thus a way to disable adding a package
+# caddy.pkgs in the conf folder are added at run time
+# alternatively packages can be baked in to an image during build, see docs
+# github.com/caddy-dns/route53
+# github.com/greenpau/caddy-security
diff --git a/deploy/conf/my.conf b/deploy/conf/my.conf
new file mode 100644
index 0000000..d2b19f0
--- /dev/null
+++ b/deploy/conf/my.conf
@@ -0,0 +1,13 @@
+*.mydomain.net {
+
+ tls email@gmail.com {
+ dns route53 {
+ max_retries 10
+ }
+ }
+
+ @portainer host docker.mydomain.net
+ handle @portainer {
+ reverse_proxy 10.0.0.5:9000
+ }
+}
\ No newline at end of file
diff --git a/docker-compose.yaml b/deploy/docker-compose.yaml
similarity index 57%
rename from docker-compose.yaml
rename to deploy/docker-compose.yaml
index df15537..5c318c8 100644
--- a/docker-compose.yaml
+++ b/deploy/docker-compose.yaml
@@ -1,34 +1,34 @@ -# Example usage - services: caddy: container_name: ${NAME:-caddy} image: ${IMAGE:-caddy} # if no $CONF is given then Caddyfile in ${PWD}/conf:/opt/caddy/conf will be used - command: /opt/caddy/caddy run $CONF + command: caddy run ${CONF} hostname: ${NAME:-caddy} env_file: - $CREDENTIALS volumes: - data:/opt/caddy/data - - config:/opt/caddy/config + - settings:/opt/caddy/settings - conf:/opt/caddy/conf restart: unless-stopped ports: - 80:80 - 443:443 - 2019:2019 +# binding data and settings are not required +# But if there volumes are deleted caddy will need to redo all the certs volumes: data: - driver_opts: - type: none - device: ${PWD}/data - o: bind - config: - driver_opts: - type: none - device: ${PWD}/config - o: bind + # driver_opts: + # type: none + # device: ${PWD}/data + # o: bind + settings: + # driver_opts: + # type: none + # device: ${PWD}/config + # o: bind conf: driver_opts: type: none diff --git a/deploy/example.env b/deploy/example.env new file mode 100644 index 0000000..c1aa867 --- /dev/null +++ b/deploy/example.env @@ -0,0 +1,12 @@ +# copy to .env and edit to suit +COMPOSE_PROJECT_NAME=caddy +# default NAME is caddy +# NAME=$COMPOSE_PROJECT_NAME +# to use a deployed image +# IMAGE=mydockerhubaccount/caddy-r53 +# will use Caddyfile unless CONF is set +# this file should be in /conf on your host (e.g. my.conf) +# CONF=my +# this is a package specific environment example +# creditials required for route 53, this is package specific +# CREDENTIALS=/path/to/aws-credentials.env diff --git a/deploy/logs b/deploy/logs new file mode 100755 index 0000000..133af74 --- /dev/null +++ b/deploy/logs @@ -0,0 +1,3 @@ +[[ $1 ]] && opt="-n $1" +[[ $1 == "f" ]] && opt="-f" +docker-compose logs $opt \ No newline at end of file diff --git a/deploy/readme.md b/deploy/readme.md new file mode 100644 index 0000000..f4f0c44 --- /dev/null +++ b/deploy/readme.md 
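Review bot: Under the renamed `settings:` volume the commented-out bind still reads `# device: ${PWD}/config`, so anyone who uncomments it binds a directory that matches neither the volume name nor the new `settings/` entry in .gitignore; it should read `# device: ${PWD}/settings`. With `data` and `settings` now plain named volumes, the new `deploy/scrub` script (`docker-compose down -v`) removes them, which is the cert re-issue case the added comment describes without naming that script. A comment line such as `# note: ./scrub (down -v) deletes these volumes` next to the warning would make the consequence explicit.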
@@ -0,0 +1,21 @@
+use this deploy directory to deploy your uci caddy image to a container on a target machine.
+
+requires docker-compose to be installed
+copy example.env to .env and edit accordingly
+decide if you want to bind mount the data and settings directories
+if so uncomment them in the compose file
+in the conf/ directory put your conf file and a caddy.pkgs file if needed
+and either edit the Caddyfile therein or create a .conf file with caddyfile settings
+
+As to the image used it will either come from a repository (i.e. docker hub) or must be built on this machine.
+
+If the former then the suggested approach is to copy this directory `deploy` onto the target machine to run caddy and rename it to `caddy`. This means you created a caddy image using this repository (and uci-docker-build) on another machine. See the readme.md. You'll need to use the "publish" script.
+
+Otherwise you'll need to clone the uci-docker-build repository and install it to this machine first. Then you will need to build a local image. Then use that name in your .env file. This also means instead of running the upgrade command you'll need to run the build command and then restart the container.
+
+copy example.env to .env and edit accordingly
+decide if you want to bind mount the data and settings directories
+if so uncomment them in the compose file
+in the conf/ directory put your conf file and a caddy.pkgs file if needed
+and either edit the Caddyfile therein or create a .conf file with caddyfile settings
+Set the correct IMAGE= for the image you'll be using, either locally build or from a repo.
\ No newline at end of file
diff --git a/deploy/restart b/deploy/restart
new file mode 100755
index 0000000..c73f489
--- /dev/null
+++ b/deploy/restart
@@ -0,0 +1,3 @@
+#!/bin/bash
+./stop
+./start
diff --git a/deploy/run b/deploy/run
new file mode 100755
index 0000000..83ed0d0
--- /dev/null
+++ b/deploy/run
@@ -0,0 +1 @@
+docker-compose up
diff --git a/deploy/scrub b/deploy/scrub
new file mode 100755
index 0000000..9e84b2c
--- /dev/null
+++ b/deploy/scrub
@@ -0,0 +1 @@
+docker-compose down -v
diff --git a/deploy/start b/deploy/start
new file mode 100755
index 0000000..9cd5f1c
--- /dev/null
+++ b/deploy/start
@@ -0,0 +1,5 @@
+echo upping the max size of the host buffer
+echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf
+# confirm
+sudo sysctl -p | grep rmem_max
+docker-compose up -d
diff --git a/stop b/deploy/stop
similarity index 100%
rename from stop
rename to deploy/stop
diff --git a/term b/deploy/term
similarity index 100%
rename from term
rename to deploy/term
diff --git a/deploy/upgrade b/deploy/upgrade
new file mode 100755
index 0000000..34323fd
--- /dev/null
+++ b/deploy/upgrade
@@ -0,0 +1,4 @@
+#!/bin/bash
+./stop
+docker-compose pull
+./start
diff --git a/dev/build b/dev/build
deleted file mode 100755
index 1903be4..0000000
--- a/dev/build
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-build=${UDBUILD:-$(command -v udbuild)}
-if [[ $build ]];then
-DIR=$(dirname "$(realpath "$BASH_SOURCE")")
-$build -t dev -e $DIR/build.env "$@"
-else
-echo can not find UCI Docker Build script, run ./install from the uci-docker-build repo
-fi
-
diff --git a/dev/build.env b/dev/build.env
deleted file mode 100644
index 167fd62..0000000
--- a/dev/build.env
+++ /dev/null
@@ -1,4 +0,0 @@
-BASE_IMAGE=ucommandit/alpine
-BUILD_SRC=../src
-RUSER=ucommandit
-NAME=caddy
diff --git a/dev/try b/dev/try
deleted file mode 100755
index 1dd0e31..0000000
--- a/dev/try
+++ /dev/null
@@ -1 +0,0 @@
-udbuild try -e aws-credentials.env -m opt/caddy -h mnt/caddy -k ucommandit/caddy "$@"
diff --git a/publish/caddy.pkgs b/publish/caddy.pkgs
new file mode 100644
index 0000000..34ee091
--- /dev/null
+++ b/publish/caddy.pkgs
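Review bot: In `deploy/start`, `echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf` appends the same line to the host's /etc/sysctl.conf on every run, and `deploy/restart` and `deploy/upgrade` both call `./start`, so the file gains a duplicate entry per invocation. Make the host change idempotent, for example `grep -q '^net.core.rmem_max=' /etc/sysctl.conf || echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf`, or move it to a one-time install step that writes a drop-in under /etc/sysctl.d. Starting a container should not need to rewrite system-wide kernel settings with sudo each time. The script also has no shebang and still runs `docker-compose up -d` when the sudo step fails.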
@@ -0,0 +1,8 @@ +# any uncommented packages here in this file +# in this directory will be baked into the +# published image, alternatively a caddy.pkgs +# file in the mounted conf/ directory can add +# packages at runtime +# github.com/caddy-dns/route53 + + diff --git a/dev/deploy b/publish/publish similarity index 68% rename from dev/deploy rename to publish/publish index ff9190b..66c1cab 100755 --- a/dev/deploy +++ b/publish/publish @@ -1,4 +1,6 @@ #!/bin/bash DIR=$(dirname "$(realpath "$BASH_SOURCE")") -$DIR/build -t deploy +pushd $DIR +../build +popd diff --git a/publish/publish.env b/publish/publish.env new file mode 100644 index 0000000..a40e4ea --- /dev/null +++ b/publish/publish.env @@ -0,0 +1,14 @@ +# copy to .env and edit to suit +NAME=caddy-r53 +TARGET=publish +# change to your dockerub account +RUSER=myusername +# Will use dockerhub official base alpine image unless used here +# BASE_IMAGE=ucommandit/alpine +# will find src/ but setting this will speed it up +BUILD_SRC=../src +# version is latest unless used here +# TAG=2.1.5 +# to bake packages into the image use this +# or create caddy.pkgs in the current directory +# BUILD_PKGS=r53.pkg diff --git a/readme.md b/readme.md index c49843b..59b99d9 100755 --- a/readme.md +++ b/readme.md @@ -1,8 +1,22 @@ -#!/bin/bash -clone repo -in conf folder edit Caddyfile (or create your own conf) and edit caddy.pkgs -edit .env accordingly -You can use an image from a repository or build your own locally -echo now execute the .run-log script to make sure caddy runs ok. -then execute the the start script for detached container +## BUILDING + +### Testing + +### Publishing + +## DEPLOYING + + + + + + + +# NOTES + +https://github.com/quic-go/quic-go/wiki/UDP-Receive-Buffer-Size +on host persistent increase kernel buffer size +echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf +# confirm +sudo sysctl -p | grep rmem_max \ No newline at end of file 
diff --git a/restart b/restart deleted file mode 100755 index 6c18257..0000000 --- a/restart +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -docker-compose down -docker-compose up -d diff --git a/run-log b/run-log deleted file mode 100755 index 1c14986..0000000 --- a/run-log +++ /dev/null @@ -1,2 +0,0 @@ -mkdir data conf config > /dev/null 2>&1 -docker-compose up diff --git a/src/init/opt/caddy/caddy b/src/init/bin/caddy similarity index 64% rename from src/init/opt/caddy/caddy rename to src/init/bin/caddy index 7c1f965..872aca8 100755 --- a/src/init/opt/caddy/caddy +++ b/src/init/bin/caddy @@ -3,10 +3,14 @@ caddy () { if [[ ! $CADDY_HOME ]]; then - if [[ -f /opt/caddy/caddy.env ]]; then - source /opt/caddy/caddy.env + echo caddy run environment is NOT set + echo this is an error as the image build should set this + echo attempting to recover by sourcing the environment now + echo at $ENV_DIR/caddy.env + if [[ -f $ENV_DIR/caddy.env ]]; then + source $ENV_DIR/caddy.env else - echo default environment can not be sourced at /opt/caddy/caddy.env + echo default environment can not be sourced at $ENV_DIR/caddy.env return 1 fi fi @@ -15,9 +19,16 @@ fi [ ! -f "$CADDY_BIN" ] && echo caddy binary file at $CADDY_BIN does not exist && return 1 [ ! -x "$CADDY_BIN" ] && echo caddy binary file $CADDY_BIN is not executable && return 1 +source $LIB_DIR/caddy.lib + case "$1" in shell) - /bin/bash -c "cd $CADDY_HOME; exec bash -l" + shift 1 + if [[ $# -eq 0 ]]; then + /bin/bash -l + else + /bin/bash -l -c '"$@"' "$0" "$@" + fi ;; run) shift 1 @@ -29,6 +40,7 @@ case "$1" in conf=Caddyfile fi if [[ -f $conf ]]; then + caddy_add_packages echo running: $CADDY_BIN run --config $conf --adapter caddyfile $CADDY_BIN run --config $conf --adapter caddyfile else @@ -37,7 +49,7 @@ case "$1" in fi ;; *) - $CADDY_BIN/caddy "$@" + $CADDY_BIN "$@" esac diff --git a/src/init/build.env b/src/init/build.env new file mode 100644 index 0000000..1de7ccb --- /dev/null +++ b/src/init/build.env 
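Review bot: In the `run` arm of `src/init/bin/caddy` the new `caddy_add_packages` call has its status ignored, so when the package step fails (the lib function returns 2 after discarding the tool's output) the script still proceeds to `$CADDY_BIN run --config $conf`; use `caddy_add_packages || return $?` or at least report the failure before starting. Every container start can now download whatever is listed in the mounted `conf/caddy.pkgs` and change the server binary before serving, so an opt-out for operators who want the image to stay as built would be worth adding, e.g. a variable checked before the call. The added `source $LIB_DIR/caddy.lib` is unquoted and unchecked, so with `LIB_DIR` unset it looks for `/caddy.lib`; `source "${LIB_DIR:?}/caddy.lib" || return 1` fails early instead. The enclosing `caddy` function starts and ends outside these hunks.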
@@ -0,0 +1,3 @@
+source $ENV_DIR/run.env
+export ENTRYPOINT_CMD=caddy
+export ENTRYPOINT_CMD_PATH=$BIN_DIR/caddy
\ No newline at end of file
diff --git a/src/init/env/caddy.env b/src/init/env/caddy.env
new file mode 100644
index 0000000..e49c21a
--- /dev/null
+++ b/src/init/env/caddy.env
@@ -0,0 +1,6 @@
+export CADDY_HOME=${CADDY_HOME:-/opt/caddy}
+export XDG_CONFIG_HOME=$CADDY_HOME/settings
+export XDG_DATA_HOME=$CADDY_HOME/data
+export CADDY_CONF=$CADDY_HOME/conf
+export CADDY_BIN=$CADDY_HOME/bin/caddy
+export CADDY_LIB=$LIB_DIR/caddy.lib
\ No newline at end of file
diff --git a/src/init/env/run.env b/src/init/env/run.env
new file mode 100644
index 0000000..6c42ae1
--- /dev/null
+++ b/src/init/env/run.env
@@ -0,0 +1,3 @@
+# will be sourced when "login" action is run via /etc/profile
+source $ENV_DIR/caddy.env
+export VOLUME_DIRS="$XDG_CONFIG_HOME $XDG_DATA_HOME $CADDY_CONF"
\ No newline at end of file
diff --git a/src/init/init.sh b/src/init/init.sh
index ba41ad0..0c70933 100755
--- a/src/init/init.sh
+++ b/src/init/init.sh
@@ -1,12 +1,35 @@ #!/bin/bash -# set -eu -echo -e "*************************" -/bin/cp -R -p opt/. /opt -chown -R 1000:1000 /opt -# ls -la /opt -# ls -la /opt/caddy -echo -e "*************************" -source /opt/caddy/caddy.env -# || { echo no file /opt/caddy/caddy.env; exit 1; } -source $CADDY_LIB -caddy_install_bin +# set -e +echo -e "********** Caddy Setup and Install ***************" +if [[ $(env | grep CADDY_LIB) ]]; then + mkdir -p $CADDY_HOME 2> /dev/null + if [[ -d caddy/ ]]; then + echo "copying caddy/ to $CADDY_HOME" + /bin/cp -R -p caddy/. $CADDY_HOME + fi + pushd $CADDY_HOME || exit 2 + echo making caddy subdirectories $PWD + mkdir data conf settings bin 2> /dev/null + popd + chown -R 1000:1000 $CADDY_HOME + echo -e "------------------" + echo $CADDY_HOME + ls -la $CADDY_HOME + echo $CADDY_CONF + ls -la $CADDY_CONF + echo -e "-------------------" + source $CADDY_LIB + if caddy_install_bin; then + caddy_add_packages + else + echo ERROR: unable to install caddy binary + echo Image will not function + fi + else + echo ERROR: caddy build environment not set + echo see env/build.env in source directory + cat /opt/env/build.env + cat /opt/env/run.env + echo build aborted +fi +echo -e "********** Done: Caddy Setup and Install ***************" diff --git a/src/init/lib/caddy.lib b/src/init/lib/caddy.lib new file mode 100644 index 0000000..588de8e --- /dev/null +++ b/src/init/lib/caddy.lib 
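Review bot: Both failure branches only print a message: after `echo Image will not function` and after `echo build aborted` the script falls through to the closing banner and exits 0, and `set -e` is still commented out. As far as this script reports, a build whose caddy download failed its checksum therefore looks successful; add `exit 1` at the end of each error branch so the image build stops. `[[ $(env | grep CADDY_LIB) ]]` matches any variable whose name or value merely contains that string, whereas `[[ -n ${CADDY_LIB:-} ]]` tests the variable itself. The `cat /opt/env/build.env` and `cat /opt/env/run.env` lines copy those files into the build log, which is worth avoiding if they ever carry credentials.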
@@ -0,0 +1,114 @@ +#!/bin/bash + +caddy_add_packages () { + local ifile; local bin; local pkgs; local pkg; local ipkgs + clean () { + local tmp;local tmp2; local append + if [[ -f $1 ]]; then + tmp=$(sed '/^[[:space:]]*#[^!]/d; /#$/d' $1) + else + tmp=$1 + fi + echo "$tmp $2" | xargs -n1 | sort -u | xargs | sed "s# # #g" + + } + [[ -f $1 ]] && pkgs=" $(clean $1)" + [[ $BUILDING && -f $BUILD_DIR/caddy.pkgs ]] && pkgs=$(clean $BUILD_DIR/caddy.pkgs "$pkgs") + # echo pkgs after build + # echo $pkgs + [[ -f $CADDY_CONF/caddy.pkgs ]] && pkgs=$(clean $CADDY_CONF/caddy.pkgs "$pkgs") + # echo pkgs after conf + # echo $pkgs + [[ ! $pkgs ]] && echo "no packages requested, nothing to do" && return 0 + echo "--- packages requested to install ----" + echo $pkgs + echo "-----------" + ifile=${CADDY_HOME}/bin/installed.pkgs + # uncomment for testing + # /bin/cp installed.pkgs $ifile + [[ -f $ifile ]] && ipkgs=$(clean $ifile) + echo "--- currently installed packages ----" + [[ $ipkgs ]] && echo $ipkgs || echo NONE + echo "-----------" + for pkg in $ipkgs; do + # echo installed packaged $pkg + pkgs=${pkgs/${pkg}/}; + done + [[ ! $(clean $pkgs) ]] && echo "no new packages to add, nothing to do" && return 0 + echo "--- packages that need adding ----" + echo $pkgs + echo "-----------" + bin=${2:-$CADDY_BIN} + bin=${bin:-$(command -v caddy)} + # [[ ! $bin ]] && echo no caddy binary found && return 1 + [[ ! -x $bin ]] && echo ERROR: can not add packages, no caddy binary found at $bin && return 1 + echo "------- ADDING CADDY PACKAGES ------------" + if ! 
$bin add-package $pkgs >/dev/null 2>&1; then + echo Error: Aborting further package installs and reverting to last good binary + return 2 + else + echo packages + echo $pkgs + echo added successfully + echo $pkgs >> $CADDY_HOME/bin/installed.pkgs + echo "---" + echo currently installed packages + cat $CADDY_HOME/bin/installed.pkgs + echo installed modules from these packages + $bin list-modules | sed '1,/Standard modules/d;/Non-standard modules/,$d' + echo "-----------------------------------" + fi +} + +caddy_checksum () { + echo "verifying checksum of $2" + source $LIB_DIR/github.lib + local download=$(github_asset caddyserver caddy $1 caddy_$(echo ${1})_checksums.txt) + echo checksum file to download: $download + wget -q -O /tmp/caddy_checksum $download + # cat /tmp/caddy_checksum + local sha=$(grep $2 /tmp/caddy_checksum | cut -d " " -f1) + # echo $sha + # sha512sum $3 + # must have TWO spaces in echo command! + echo "$sha $3" | sha512sum -c >/dev/null 2>&1; + ret=$? + rm -r /tmp/caddy_checksum + return $ret +} + +caddy_install_bin () { + echo in caddy binary install + local arch; local download; local caddytar + source $LIB_DIR/github.lib + source $LIB_DIR/getarch.sh + arch=$(get_arch) + [[ ! $arch ]] && echo unable to determine build architecture && return 1 + ver=${CADDY_VER:-$(github_latest caddyserver caddy | sed 's/^v//')}; + [[ ! 
$ver ]] && echo unable to determine caddy version && return 1 + echo "---FETCHING AND INSTALLING CADDY BINARY v$ver for $arch ------------" + caddytar="caddy_${ver}_linux_${arch}.tar.gz" + download=$(github_asset caddyserver caddy $ver $caddytar) + echo "github_asset caddyserver caddy $ver $caddytar" + echo caddy version: $ver + echo caddy tarball: $caddytar + echo getting tarball from: $download + if wget -q -O /tmp/caddy.tar.gz $download; then + if caddy_checksum $ver $caddytar /tmp/caddy.tar.gz; then + echo download tarball verified + tar x -z -f /tmp/caddy.tar.gz -C $CADDY_HOME/bin caddy + rm -f /tmp/caddy.tar.gz + chmod +x $CADDY_BIN + setcap cap_net_bind_service=+ep $CADDY_BIN + chmod +x $CADDY_BIN + echo "caddy binary successfully installed version: $($CADDY_BIN version)" + else + echo file "$download failed checksum, install terminated" + return 2 + fi + else + echo failed to fetch $download, install terminated + return 1 + fi + echo "----------------------------------" +} diff --git a/src/init/lib/getarch.sh b/src/init/lib/getarch.sh new file mode 100755 index 0000000..ff2ec5f --- /dev/null +++ b/src/init/lib/getarch.sh @@ -0,0 +1,22 @@ + + +get_arch () { + local arch + arch=$(uname -m) + [[ ! $arch ]] && return 1 + case $arch in + x86_64) binArch='amd64' ;; + armhf) binArch='armv6' ;; + armv7) binArch='armv7' ;; + aarch64) binArch='arm64' ;; + ppc64el|ppc64le) binArch='ppc64le' ;; + s390x) binArch='s390x' ;; + .*386.*) binArch='amd32' ;; + *) return 2 ;;\ + esac; + echo $binArch +} + +(return 0 2>/dev/null) || get_arch + + diff --git a/src/init/lib/github.lib b/src/init/lib/github.lib new file mode 100644 index 0000000..cc4148b --- /dev/null +++ b/src/init/lib/github.lib 
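Review bot: `caddy_checksum` in `src/init/lib/caddy.lib` is the only integrity check on the downloaded binary and it is looser than it looks: the `wget` for the checksum file is not checked, `grep $2` treats the file name as an unquoted regex over the whole line, and both downloads use fixed names in /tmp (`/tmp/caddy_checksum`, `/tmp/caddy.tar.gz`). An empty or multi-line `$sha` does make `sha512sum -c` fail, so it fails closed today, but by accident rather than by design. I would fetch into a `mktemp` file, select the hash by exact file name and return early when either step yields nothing, as sketched below; the sketch assumes the checksum file is in `hash  name` form, which the existing `cut -d " " -f1` already implies. The checksum list comes from the same release as the tarball, so this detects corruption rather than a tampered release. Separately, in `caddy_add_packages`, `pkgs=${pkgs/${pkg}/}` removes substrings, so an installed package whose name is a prefix of a requested one leaves a fragment in the list passed to `add-package`.

```shell
caddy_checksum () {
  # … unchanged: echo, source $LIB_DIR/github.lib …
  local download sumfile sha
  download=$(github_asset caddyserver caddy "$1" "caddy_${1}_checksums.txt") || return 1
  sumfile=$(mktemp) || return 1
  if ! wget -q -O "$sumfile" "$download"; then
    rm -f -- "$sumfile"
    return 1
  fi
  # exact match on the file-name column instead of a regex over the line
  sha=$(awk -v f="$2" '$2 == f { print $1; exit }' "$sumfile")
  rm -f -- "$sumfile"
  [[ $sha ]] || return 1
  # … unchanged: sha512sum -c on the "$sha  $3" line, return its status …
}
```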
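Review bot: The `case` arms in `get_arch` are shell glob patterns, not regular expressions, so `.*386.*)` only matches a string beginning with a literal dot and never an i386 or i686 machine name; a glob such as `i?86)` is presumably what was meant. `uname -m` on 32-bit ARM usually reports values like `armv7l` or `armv6l`, which the `armhf)` and `armv7)` arms would not match, so those hosts fall through to `*) return 2` (worth confirming on a target board). `binArch` is not declared `local`, so it leaks into the caller's scope when the file is sourced, and the `;;\` after the default arm carries a stray backslash.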
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+export GITHUB_REPOS=https://api.github.com/repos
+
+github_latest() {
+ local endpoint=$GITHUB_REPOS/$1/$2/releases/latest
+ local auth; local res
+ [[ $GITHUB_TOKEN ]] && auth="-u $GITHUB_USER:$GITHUB_TOKEN"
+ if ! res=$(curl $auth -s $endpoint); then
+ return 1
+ fi
+ echo $res| jq .name -r
+}
+
+github_asset () {
+# user repo version asset
+
+asset_url=$(curl -s "$GITHUB_REPOS/$1/$2/releases/tags/v$3" \
+ | jq --arg aname "$4" -r '.assets[] | select(.name == $aname).browser_download_url' \
+ | head -1)
+
+if [ -z "${asset_url}" ]; then
+ return 1
+fi
+
+echo $asset_url
+
+}
+
diff --git a/src/init/opt/caddy/caddy.env b/src/init/opt/caddy/caddy.env
deleted file mode 100644
index 250aa60..0000000
--- a/src/init/opt/caddy/caddy.env
+++ /dev/null
@@ -1,6 +0,0 @@
-export CADDY_HOME="$(realpath $(dirname ${BASH_SOURCE[0]}))"
-export XDG_CONFIG_HOME=$CADDY_HOME/config
-export XDG_DATA_HOME=$CADDY_HOME/data
-export CADDY_CONF=$CADDY_HOME/conf
-export CADDY_BIN=$CADDY_HOME/bin/caddy
-export CADDY_LIB=$CADDY_HOME/caddy.lib
\ No newline at end of file
diff --git a/src/init/opt/caddy/caddy.lib b/src/init/opt/caddy/caddy.lib
deleted file mode 100644
index a01cf69..0000000
--- a/src/init/opt/caddy/caddy.lib
+++ /dev/null
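Review bot: Both `curl` calls in `src/init/lib/github.lib` use `-s` without `--fail`, so an HTTP error from the API (rate limit, bad credentials) still exits 0 and `github_latest` prints whatever `jq .name -r` makes of the error body, typically `null`, which the caller then accepts as a version. Use `curl -fsS` and reject an empty or `null` result, e.g. `[[ $name && $name != null ]] || return 1`. `auth="-u $GITHUB_USER:$GITHUB_TOKEN"` puts the token on curl's command line, where the process list and any `set -x` trace can show it; feeding it through a curl config read from stdin (`-K -`) keeps it off argv. `github_asset` never uses the credentials, so it stays on the unauthenticated rate limit even when a token is set.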
@@ -1,64 +0,0 @@ -#!/bin/bash - -caddy_add_packages () { - local bin; local repos; local pkgs; local pkg - [[ ! -f $1 ]] && echo "cannot find file $1 of packages, nothing to add" && return 0 - bin=${2:-$CADDY_BIN} - bin=${bin:-$(command -v caddy)} - [[ ! $bin ]] && echo no caddy binary found && return 1 - pkgs=$(sed '/^[[:space:]]*#[^!]/d; /#$/d' $1) - echo caddy pkgs to be added: - echo $pkgs - if ! $bin add-package $pkgs >/dev/null 2>&1; then - echo Error: Aborting further package installs and reverting to last good binary - return 2 - else - echo packages added successfully - $bin list-modules | grep -E -A15 "Standard modules:" - fi -} - -caddy_checksum () { - echo "verifying checksum of $2" - source /opt/scripts/github.lib - local download=$(github_asset caddyserver caddy $1 caddy_$(echo ${1})_checksums.txt) - echo checksum file to download: $download - wget -q -O /tmp/caddy_checksum $download - # cat /tmp/caddy_checksum - local sha=$(grep $2 /tmp/caddy_checksum | cut -d " " -f1) - # echo $sha - # sha512sum $3 - # must have TWO spaces in echo command! - echo "$sha $3" | sha512sum -c >/dev/null 2>&1; - ret=$? - rm -r /tmp/caddy_checksum - return $ret -} - - - -caddy_install_bin () { - - source /opt/scripts/github.lib - arch=$(/opt/scripts/getarch.sh) - ver=${CADDY_VER:-$(github_latest caddyserver caddy | sed 's/^v//')} - caddytar="caddy_${ver}_linux_${arch}.tar.gz" - download=$(github_asset caddyserver caddy $ver $caddytar) - # echo "github_asset caddyserver caddy $ver $caddytar" - echo caddy version: $ver - echo caddy tarball: $caddytar - echo getting tarball from: $download - wget -q -O /tmp/caddy.tar.gz $download - if caddy_checksum $ver $caddytar /tmp/caddy.tar.gz; then - echo download tarball verified - tar x -z -f /tmp/caddy.tar.gz -C $CADDY_HOME/bin caddy - rm -f /tmp/caddy.tar.gz - chmod +x $CADDY_BIN - setcap cap_net_bind_service=+ep $CADDY_BIN - chmod +x $CADDY_BIN - $CADDY_BIN version - if ! 
caddy_add_packages $CADDY_CONF/caddy.pkgs; then - return 4 - fi - fi -} diff --git a/src/packages/packages.sh b/src/packages/packages.sh index ea2a9b3..33b90a6 100644 --- a/src/packages/packages.sh +++ b/src/packages/packages.sh @@ -1,8 +1,8 @@ #!/bin/sh echo install packages for alpine caddy apk update; apk upgrade; -apk add --no-cache ca-certificates libcap mailcap git jq bash curl -# wget -O /etc/caddy/Caddyfile "https://github.com/caddyserver/dist/raw/{{ .config.dist_commit }}/config/Caddyfile"; \ -# wget -O /usr/share/caddy/index.html "https://github.com/caddyserver/dist/raw/{{ .config.dist_commit }}/welcome/index.html" +# note: shadow, bash, bash-completion coreutils are installed by default for alpine +apk add --no-cache --no-progress ca-certificates libcap mailcap git jq bash curl + diff --git a/start b/start deleted file mode 100755 index 2d4c917..0000000 --- a/start +++ /dev/null @@ -1,2 +0,0 @@ -mkdir data conf config > /dev/null 2>&1 -docker-compose up -d diff --git a/test/build b/test/build new file mode 100755 index 0000000..f2aa0c7 --- /dev/null +++ b/test/build @@ -0,0 +1 @@ +../build -e test.env $@ diff --git a/test/caddy b/test/caddy new file mode 100755 index 0000000..11e1054 --- /dev/null +++ b/test/caddy @@ -0,0 +1 @@ +udbuild try -e test.env -m /opt/caddy/conf -h conf caddy $@ diff --git a/test/caddy.pkgs b/test/caddy.pkgs new file mode 100755 index 0000000..862eeaf --- /dev/null +++ b/test/caddy.pkgs @@ -0,0 +1,4 @@ +# build packages +github.com/caddy-dns/route53 + + diff --git a/test/compose.env b/test/compose.env new file mode 100644 index 0000000..7589aea --- /dev/null +++ b/test/compose.env @@ -0,0 +1,5 @@ +# copy this to .env and edit to suit +# create a test.conf file in conf/ +CONF=test +# specific to route 53 +CREDENTIALS=/path/to/aws-credentials.env \ No newline at end of file diff --git a/test/conf/Caddyfile b/test/conf/Caddyfile new file mode 100644 index 0000000..30d5a92 --- /dev/null +++ b/test/conf/Caddyfile 
@@ -0,0 +1,13 @@
+*.mydomain.net {
+
+ tls email@gmail.com {
+ dns route53 {
+ max_retries 10
+ }
+ }
+
+ @portainerr host docker.mydomain.net
+ handle @portainer {
+ reverse_proxy 10.0.0.5:9000
+ }
+}
\ No newline at end of file
diff --git a/test/conf/caddy.pkgs b/test/conf/caddy.pkgs
new file mode 100755
index 0000000..ac02fb7
--- /dev/null
+++ b/test/conf/caddy.pkgs
@@ -0,0 +1,3 @@
+github.com/caddy-dns/route53
+# comment lines are ignored thus a way to disable a package on build
+# github.com/greenpau/caddy-security
diff --git a/test/conf/test.conf b/test/conf/test.conf
new file mode 100644
index 0000000..4d6e6a0
--- /dev/null
+++ b/test/conf/test.conf
@@ -0,0 +1,13 @@
+*.seldon.kebler.net {
+
+ tls kebler.net@gmail.com {
+ dns route53 {
+ max_retries 10
+ }
+ }
+
+ @docker host docker.seldon.kebler.net
+ handle @docker {
+ reverse_proxy seldon.kebler.net:9016
+ }
+}
diff --git a/test/docker-compose.yaml b/test/docker-compose.yaml
new file mode 100644
index 0000000..caceb6f
--- /dev/null
+++ b/test/docker-compose.yaml
@@ -0,0 +1,29 @@
+services:
+ caddy:
+ container_name: caddy-testing
+ image: testing/caddy
+ # if no $CONF is given then Caddyfile in ${PWD}/conf:/opt/caddy/conf will be used
+ command: caddy run ${CONF}
+ hostname: caddy-testing
+ env_file:
+ # this environment file is specific to route53
+ - $CREDENTIALS
+ volumes:
+ - conf:/opt/caddy/conf
+ - opt:/opt
+ ports:
+ - 80:80
+ - 443:443
+ - 2019:2019
+
+volumes:
+ conf:
+ driver_opts:
+ type: none
+ device: ${PWD}/conf
+ o: bind
+ opt:
+ driver_opts:
+ type: none
+ device: ${PWD}/opt
+ o: bind
diff --git a/test/get-packages b/test/get-packages
new file mode 100755
index 0000000..50bccd4
--- /dev/null
+++ b/test/get-packages
@@ -0,0 +1 @@
+udbuild try -e test.env -m /opt/caddy/conf -h conf -s list-packages
\ No newline at end of file
diff --git a/test/list-packages b/test/list-packages
new file mode 100755
index 0000000..af4e4f6
--- /dev/null
+++ b/test/list-packages
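Review bot: In `test/conf/Caddyfile` the matcher is defined as `@portainerr` but the next line uses `handle @portainer`, so the handle block refers to a matcher that is never defined; the definition should read `@portainer host docker.mydomain.net`, as in deploy/conf/Caddyfile. The test compose file falls back to this Caddyfile when `CONF` is unset, so the default test run is the one that hits the typo.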
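Review bot: Unlike the other sample configs, which use `mydomain.net` and `email@gmail.com`, `test/conf/test.conf` commits what look like a real wildcard domain, a contact mailbox and an upstream host with its port. If these are live values, replace them with placeholders (for example `*.example.net`, `admin@example.net`, `10.0.0.5:9000`) and keep the real file out of the repository by adding `test/conf/test.conf` to .gitignore. A test fixture does not need to publish hostnames and service ports of an actual deployment.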
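Review bot: In `test/docker-compose.yaml`, `- 2019:2019` publishes Caddy's admin API port on every host interface; that endpoint can change the running configuration, so if the container config ever binds it beyond localhost it becomes reachable from the network. Drop the mapping or restrict it to loopback with `- 127.0.0.1:2019:2019`; the same mapping is an unchanged context line in deploy/docker-compose.yaml. The `opt:/opt` volume backs the container's whole /opt, including the caddy binary and the sourced env and lib scripts, with the host directory `${PWD}/opt`, so later runs execute whatever is in that directory rather than what the image shipped. A comment saying this is test-only, and why, would help keep it out of the deploy compose file.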
@@ -0,0 +1,5 @@
+echo "**** caddy packages installed *******"
+cat /opt/caddy/bin/installed.pkgs
+echo "------- corresponding modules ------"
+caddy list-modules | sed '1,/Standard modules/d;/Non-standard modules/,$d'
+echo "*****************************"
\ No newline at end of file
diff --git a/test/shell b/test/shell
new file mode 100755
index 0000000..f040638
--- /dev/null
+++ b/test/shell
@@ -0,0 +1 @@
+udbuild try -e test.env -m /opt/caddy/conf -h conf shell $@
diff --git a/test/test b/test/test
new file mode 100755
index 0000000..4855b6d
--- /dev/null
+++ b/test/test
@@ -0,0 +1,7 @@
+# if no image run ./build first
+if docker image inspect testing/caddy >/dev/null 2>&1 ;then
+docker-compose ${@:-up}
+else
+./build -e test -t default -p
+docker-compose ${@:-up}
+fi
\ No newline at end of file
diff --git a/test/test.env b/test/test.env
new file mode 100644
index 0000000..e125a4e
--- /dev/null
+++ b/test/test.env
@@ -0,0 +1,7 @@
+#
+# BASE_IMAGE=uci-base-alpine
+BUILD_SRC=../src
+RUSER=testing
+NAME=caddy
+BUILD_CADDY_CONF=true
+# TARGET=dev
diff --git a/upgrade b/upgrade
deleted file mode 100755
index 0045a98..0000000
--- a/upgrade
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-docker-compose down
-docker-compose pull
-docker-compose up -d