Merge pull request #127 from flcontainers/dev

fix 1.5.5 update

.gitattributes

@@ -0,0 +1,5 @@
+* text=auto eol=lf
+*.conf text eol=lf
+*.properties text eol=lf
+*.sh text eol=lf
+*.yml text eol=lf

Dockerfile

@@ -185,8 +185,7 @@ ENV \
   TOMCAT_VER=9.0.91 \
   PGDATA=/config/postgres \
   POSTGRES_USER=guacamole \
-  POSTGRES_DB=guacamole_db \
-  POSTGRES_HOST_AUTH_METHOD="trust"
+  POSTGRES_DB=guacamole_db
 
 # Runtime environment
 ENV LC_ALL=C.UTF-8
@@ -213,30 +212,37 @@ RUN apk add --no-cache                \
         netcat-openbsd                \
         openjdk11-jdk                 \
         postgresql${PG_MAJOR}         \
+        pwgen                         \
         shadow                        \
+        supervisor                    \
         terminus-font                 \
         ttf-dejavu                    \
         ttf-liberation                \
         tzdata                        \
         util-linux-login && \
     xargs apk add --no-cache < ${PREFIX_DIR}/DEPENDENCIES
 
-RUN apk add --no-cache -X https://dl-cdn.alpinelinux.org/alpine/edge/testing gosu 
+RUN apk add --no-cache -X https://dl-cdn.alpinelinux.org/alpine/edge/testing gosu
+
+# Add user guacd
+RUN groupadd guacd && \
+useradd -s /bin/false -g guacd guacd
+RUN chown guacd:guacd -R ${PREFIX_DIR}
 
 # Install tomcat
-RUN mkdir /opt/tomcat
+RUN mkdir ${CATALINA_HOME}
 ADD https://dlcdn.apache.org/tomcat/tomcat-9/v${TOMCAT_VER}/bin/apache-tomcat-${TOMCAT_VER}.tar.gz /tmp/
-RUN tar xvzf /tmp/apache-tomcat-${TOMCAT_VER}.tar.gz --strip-components 1 --directory /opt/tomcat
-RUN chmod +x /opt/tomcat/bin/*.sh
+RUN tar xvzf /tmp/apache-tomcat-${TOMCAT_VER}.tar.gz --strip-components 1 --directory ${CATALINA_HOME}
+RUN chmod +x ${CATALINA_HOME}/bin/*.sh
 
 RUN groupadd tomcat && \
-useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
+useradd -s /bin/false -g tomcat -d ${CATALINA_HOME} tomcat
 
-RUN chgrp -R tomcat /opt/tomcat && \
-chmod -R g+r /opt/tomcat/conf && \
-chmod g+x /opt/tomcat/conf && \
-chown -R tomcat /opt/tomcat/webapps/ /opt/tomcat/work/ /opt/tomcat/temp/ /opt/tomcat/logs/ && \
-chmod 777 -R /opt/tomcat/logs/
+RUN chgrp -R tomcat ${CATALINA_HOME} && \
+chmod -R g+r ${CATALINA_HOME}/conf && \
+chmod g+x ${CATALINA_HOME}/conf && \
+chown -R tomcat ${CATALINA_HOME}/webapps/ ${CATALINA_HOME}/work/ ${CATALINA_HOME}/temp/ ${CATALINA_HOME}/logs/ && \
+chmod 777 -R ${CATALINA_HOME}/logs/
 
 # Install guacamole-client and postgres auth adapter
 RUN set -x \
@@ -295,29 +301,44 @@ RUN set -xe \
 ###############################################################################
 
 # Finishing Container configuration
+RUN chown tomcat:tomcat -R ${GUACAMOLE_HOME}
+
 ENV PATH=/usr/lib/postgresql/${PG_MAJOR}/bin:$PATH
 ENV GUACAMOLE_HOME=/config/guacamole
+ENV CATALINA_PID=${CATALINA_HOME}/tomcat.pid
+ENV POSTGRES_PID=/config/postgresql/postmaster.pid
+ENV GUACD_PID=${PREFIX_DIR}/guacd.pid
 
 # Copy files
 COPY filefs /
 RUN chmod +x /usr/local/bin/*.sh
-RUN chmod +x /etc/init.d/tomcat
-RUN chmod +x /etc/init.d/postgres
 RUN chmod +x /startup.sh
 
-# Hack for windows based host (CRLF / LF)
-RUN sed -i -e 's/\r$//' /etc/init.d/*
-RUN sed -i -e 's/\r$//' /usr/local/bin/*.sh
-RUN sed -i -e 's/\r$//' /startup.sh
+# Copy Scripts
+COPY scripts/tomcat ${CATALINA_HOME}/bin
+RUN chown tomcat:tomcat ${CATALINA_HOME}/bin/wrapper_supervisor.sh
+RUN chmod +x ${CATALINA_HOME}/bin/wrapper_supervisor.sh
 
-SHELL ["/bin/bash", "-c"]
+COPY scripts/guacd ${PREFIX_DIR}
+RUN chown guacd:guacd ${PREFIX_DIR}/wrapper_supervisor.sh
+RUN chmod +x ${PREFIX_DIR}/wrapper_supervisor.sh
 
-STOPSIGNAL SIGINT
+RUN mkdir -p /scripts/postgres
+RUN chmod 755 -R /scripts
+COPY scripts/postgres /scripts/postgres
+RUN chown postgres:postgres -R /scripts/postgres
+RUN chmod +x /scripts/postgres/wrapper_supervisor.sh
 
-# Docker Startup Scripts
-WORKDIR /
-CMD ["/startup.sh"]
+# Prepare logs folder for supervisor
+RUN mkdir -p /var/log/supervisor
+RUN chmod 755 -R /var/log/supervisor
+
+# Stop Signal type
+STOPSIGNAL SIGTERM
 
 EXPOSE 8080
 
 WORKDIR /config
+
+# Set the entrypoint
+ENTRYPOINT ["/startup.sh"]

filefs/app/guacamole/guacamole.properties

@@ -1,7 +1,5 @@
+enable-clipboard-integration: true
 postgresql-hostname: localhost
 postgresql-port: 5432
 postgresql-database: guacamole_db
-postgresql-username: guacamole
-postgresql-password: null
-
-enable-clipboard-integration: true
+postgresql-username: guacamole

filefs/etc/supervisord.conf

@@ -0,0 +1,35 @@
+[supervisord]
+nodaemon=true
+user=root
+loglevel = info
+pidfile = /tmp/supervisord.pid
+logfile = /tmp/supervisord.log
+
+[program:postgresql]
+command=/scripts/postgres/wrapper_supervisor.sh
+autostart=true
+stdout_logfile=/var/log/supervisor/postgres.log
+stderr_logfile=/var/log/supervisor/postgres_error.log
+user=postgres
+stopwaitsecs=60
+priority=10
+
+[program:tomcat]
+directory=/opt/tomcat
+command=/opt/tomcat/bin/wrapper_supervisor.sh
+autostart=true
+stdout_logfile=/var/log/supervisor/tomcat.log
+stderr_logfile=/var/log/supervisor/tomcat_error.log
+user=tomcat
+stopwaitsecs=60
+priority=20
+
+[program:guacd]
+directory=/opt/guacamole
+command=/opt/guacamole/wrapper_supervisor.sh
+autostart=true
+stdout_logfile=/var/log/supervisor/guacd.log
+stderr_logfile=/var/log/supervisor/guacd_error.log
+user=guacd
+stopwaitsecs=60
+priority=30

filefs/startup.sh

@@ -1,28 +1,42 @@
 #!/bin/sh
 
+# Create password if DB not initialized
+if [ -f "/config/postgres/PG_VERSION" ]; then
+  echo "DB exisit"
+  # Define the path to the properties file
+  PROPERTIES_FILE="/config/guacamole/guacamole.properties"
+  # Ensure the file exists
+  if [[ ! -f "$PROPERTIES_FILE" ]]; then
+    echo "Properties file not found: $PROPERTIES_FILE"
+  else
+    # Read the postgresql-password value
+    POSTGRES_PASSWORD=$(grep -E '^postgresql-password:\s*.*' "$PROPERTIES_FILE" | awk -F': ' '{print $2}' | head -n 1)
+    # Check if a password was found
+    if [[ -z "$POSTGRES_PASSWORD" ]]; then
+      echo "postgresql-password not found in $PROPERTIES_FILE"
+    else
+      # Export the value as an environment variable
+      export POSTGRES_PASSWORD
+      echo "postgresql-password found in $PROPERTIES_FILE and exported"
+    fi
+  fi
+else
+  # Generate a random password for PostgreSQL
+  echo "Creating db password"
+  export POSTGRES_PASSWORD=$(pwgen -s 16 1)
+  echo -e "\npostgresql-password: $POSTGRES_PASSWORD" >> /app/guacamole/guacamole.properties
+fi
+
 echo "Running startup scripts"
 /usr/local/bin/_startup.sh
 
-echo "Running Postgres"
-/etc/init.d/postgres start
-
-echo "Running Guacamole server"
-bash -c '/opt/guacamole/sbin/guacd -b 0.0.0.0 -L $GUACD_LOG_LEVEL -f' &
+echo "Init DB Check"
+/usr/local/bin/_postgres.sh postgres &
 
 echo "Post startup DB scripts"
 gosu postgres bash -c '/usr/local/bin/_post_startup.sh'
 
-echo "Running Tomcat"
-# Wait for postgres to be ready
-while ! nc -z localhost 5432; do   
-  sleep 5
-done
-/etc/init.d/tomcat start
+echo "DB Preparation finished exiting for main processes..."
+gosu postgres /bin/sh -c 'pg_ctl -D "$PGDATA" -m fast -w stop'
 
-echo "container started"
-#tail -f /dev/null
-# Wait for any process to exit
-wait -n
-
-# Exit with status of process that exited first
-exit $?
+exec /usr/bin/supervisord -c /etc/supervisord.conf

filefs/usr/local/bin/_post_startup.sh

@@ -1,12 +1,9 @@
 #!/bin/sh
 
-# Wait a few seconds before init
-sleep 15
-
 # Wait for postgres to be ready
 while ! nc -z localhost 5432; do
-  echo "Guacamole client waiting for DB"   
-  sleep 5
+echo "Guacamole client waiting for DB"   
+sleep 5
 done
 
 echo "database port open... Finishing Configuration"

filefs/usr/local/bin/_postgres.sh

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-echo "Running postgres init"
 
 set -Eeo pipefail
 # TODO swap to -Eeuo pipefail above (after handling all potentially-unset variables)
@@ -322,6 +321,7 @@ _main() {
 
 			# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
 			# e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS
+
 			export PGPASSWORD="${PGPASSWORD:-$POSTGRES_PASSWORD}"
 			docker_temp_server_start "$@"
 

filefs/usr/local/bin/_startup.sh

@@ -54,5 +54,5 @@ fi
 
 # enable extensions
 for i in $(echo "$EXTENSIONS" | tr "," " "); do
-  cp ${GUACAMOLE_HOME}/extensions-available/guacamole-${i}-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions
+  cp -p ${GUACAMOLE_HOME}/extensions-available/guacamole-${i}-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions
 done

scripts/guacd/wrapper_supervisor.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+function shutdown()
+{
+    date
+    echo "Shutting down Guacd"
+
+}
+
+date
+echo "Starting Guacd"
+
+/opt/guacamole/sbin/guacd -b 0.0.0.0 -L $GUACD_LOG_LEVEL -p $GUACD_PID -f
+
+sleep 5
+
+# Allow any signal which would kill a process to stop GUACD
+trap shutdown HUP INT QUIT ABRT KILL ALRM TERM TSTP SIGTERM SIGINT
+
+echo "Waiting for `cat $GUACD_PID`"
+wait `cat $GUACD_PID`

scripts/postgres/wrapper_supervisor.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+function shutdown()
+{
+    date
+    echo "Shutting down Postgresql"
+
+    pg_ctl -m fast -w stop
+
+}
+
+date
+echo "Starting Postgresql"
+
+postgres
+
+sleep 5
+
+# Allow any signal which would kill a process to stop Postgres
+trap shutdown HUP INT QUIT ABRT KILL ALRM TERM TSTP SIGTERM SIGINT
+
+echo "Waiting for `head -1 $POSTGRES_PID`"
+wait `cat $POSTGRES_PID`