chore: update scripts

rewardenv · Oct 25, 2024 · d6f0af0 · d6f0af0
1 parent 900f63e
commit d6f0af0
Show file tree

Hide file tree

Showing 47 changed files with 2,656 additions and 683 deletions.
diff --git a/images/php-fpm-rootless/base/context/rootfs/docker-entrypoint.sh b/images/php-fpm-rootless/base/context/rootfs/docker-entrypoint.sh
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/bash
 set -e
 
 version_gt() { test "$(printf "%s\n" "$@" | sort -V | head -n 1)" != "$1"; }

diff --git a/images/php-fpm-rootless/magento2-web/context/rootfs/docker-entrypoint.sh b/images/php-fpm-rootless/magento2-web/context/rootfs/docker-entrypoint.sh
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/bash
 set -e
 
 version_gt() { test "$(printf "%s\n" "$@" | sort -V | head -n 1)" != "$1"; }

diff --git a/images/php-fpm-rootless/magento2-web/context/rootfs/etc/nginx/conf.d/default.conf.template b/images/php-fpm-rootless/magento2-web/context/rootfs/etc/nginx/conf.d/default.conf.template
@@ -52,6 +52,17 @@ map $http_host $MAGE_RUN_TYPE {
 {{- end }}
 }
 
+set_real_ip_from 10.0.0.0/8;
+set_real_ip_from 172.16.0.0/12;
+set_real_ip_from 192.168.0.0/16;
+real_ip_recursive on;
+real_ip_header X-Forwarded-For;
+
+map $http_x_forwarded_for $realip {
+    ~^(\d+\.\d+\.\d+\.\d+) $1;
+    default $remote_addr;
+}
+
 map $http_x_forwarded_proto $fastcgi_https {
     default '';
     https on;

diff --git a/images/php-fpm-rootless/magento2-web/context/rootfs/etc/nginx/fastcgi_params.template b/images/php-fpm-rootless/magento2-web/context/rootfs/etc/nginx/fastcgi_params.template
@@ -15,7 +15,7 @@ fastcgi_param  HTTPS              $https if_not_empty;
 fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
 fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
 
-fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_ADDR        $realip;
 fastcgi_param  REMOTE_PORT        $remote_port;
 fastcgi_param  SERVER_ADDR        $server_addr;
 fastcgi_param  SERVER_PORT        $server_port;

diff --git a/...p-fpm-rootless/magento2-web/context/rootfs/home/www-data/.local/bin/check-dependencies.sh b/...p-fpm-rootless/magento2-web/context/rootfs/home/www-data/.local/bin/check-dependencies.sh
@@ -1,109 +1,141 @@
-#!/usr/bin/env bash
-[ "${DEBUG:-false}" = "true" ] && set -x
+#!/bin/bash
+[[ "${DEBUG:-false}" == "true" ]] && set -x
 set -eE -o pipefail -o errtrace
 shopt -s extdebug
 
-if [ "${DEBUG:-false}" != "true" ]; then
-  QUIET="--quiet"
+readonly FUNCTIONS_FILE="$(dirname "$(realpath "$0")")/functions.sh"
+if [[ -f "${FUNCTIONS_FILE}" ]]; then
+  source "${FUNCTIONS_FILE}"
+else
+  printf "\033[1;31m%s ERROR: Required file %s not found\033[0m\n" "$(date --iso-8601=seconds)" "${FUNCTIONS_FILE}" >&2
+  exit 1
 fi
 
-log() {
-  [ "${SILENT:-false}" != "true" ] && printf "%s INFO: %s\n" "$(date --iso-8601=seconds)" "$*"
-}
+readonly RETRY_INTERVAL=${RETRY_INTERVAL:-1}
+readonly TIMEOUT=${TIMEOUT:-600}
+readonly START_TIME=$(date +%s)
 
-error() {
-  exitcode=$?
-  # color red
-  printf "\033[1;31m%s ERROR: %s\033[0m\n" "$(date --iso-8601=seconds)" "$*"
+# Check if a command exists
+check_timeout() {
+  local current_time
+  current_time=$(date +%s)
+  local elapsed=$((current_time - START_TIME))
 
-  if [ "${exitcode}" -eq 0 ]; then exit 1; fi
-  exit "${exitcode}"
+  if [[ "$elapsed" -ge "$TIMEOUT" ]]; then
+    error "Global timeout of ${TIMEOUT}s reached"
+  fi
 }
 
-trapinfo() {
-  # shellcheck disable=SC2145
-  error "Command failed: $BASH_COMMAND STATUS=$? LINENO=${@:1:$(($# - 1))}"
+# Main check function with retry logic
+check_dependency() {
+  local func_name="$1"
+  local attempt=1
+
+  # Skip if already successful
+  if [[ ${check_status[$func_name]:-false} == true ]]; then
+    log "Skipping $func_name - already successful"
+    return 0
+  fi
+
+  while check_timeout; do
+    log "Checking $func_name (attempt $attempt)"
+
+    if ${func_name}; then
+      log "Check succeeded: ${func_name}"
+      check_status[${func_name}]=true
+      return 0
+    fi
+
+    attempt=$((attempt + 1))
+    log "Check failed: ${func_name}, retrying in ${RETRY_INTERVAL}s..."
+    sleep "${RETRY_INTERVAL}"
+  done
+
+  # If we get here, we've timed out
+  log "Global Timeout reached ${func_name}"
+  return 1
 }
 
 check_database() {
-  log "Checking database connection..."
-  if mysql -h"${MAGENTO_DATABASE_HOST:-db}" -P"${MAGENTO_DATABASE_PORT:-3306}" -u"${MAGENTO_DATABASE_USER:-magento}" -p"${MAGENTO_DATABASE_PASSWORD:-magento}" -e "CREATE DATABASE IF NOT EXISTS ${MAGENTO_DATABASE_NAME:-magento}; "; then
-    log "Database connection ready."
-  else
-    error "Database connection failed."
+  if ! mysql -h"${MAGENTO_DATABASE_HOST:-db}" -P"${MAGENTO_DATABASE_PORT:-3306}" -u"${MAGENTO_DATABASE_USER:-magento}" -p"${MAGENTO_DATABASE_PASSWORD:-magento}" -e "CREATE DATABASE IF NOT EXISTS ${MAGENTO_DATABASE_NAME:-magento}; "; then
+    return 1
   fi
 }
 
 check_elasticsearch() {
-  if [ "${MAGENTO_ELASTICSEARCH_ENABLED:-false}" = "true" ]; then
-    log "Checking Elasticsearch connection..."
-    if curl --connect-timeout 10 -fsSL -X GET "http://${MAGENTO_ELASTICSEARCH_HOST:-opensearch}:${MAGENTO_ELASTICSEARCH_PORT:-9200}/_cat/health?pretty" &>/dev/null; then
-      log "Elasticsearch connection ready."
-    else
-      error "Elasticsearch connection failed."
-    fi
+  if ! curl --connect-timeout 10 -fsSL -X GET "http://${MAGENTO_ELASTICSEARCH_HOST:-elasticsearch}:${MAGENTO_ELASTICSEARCH_PORT:-9200}/_cat/health?pretty" &>/dev/null; then
+    return 1
   fi
 }
 
 check_opensearch() {
-  if [ "${MAGENTO_OPENSEARCH_ENABLED:-false}" = "true" ]; then
-    log "Checking Opensearch connection..."
-    if curl --connect-timeout 10 -fsSL -X GET "http://${MAGENTO_OPENSEARCH_HOST:-opensearch}:${MAGENTO_OPENSEARCH_PORT:-9200}/_cat/health?pretty" &>/dev/null; then
-      log "Opensearch connection ready."
-    else
-      error "Opensearch connection failed."
-    fi
+  if ! curl --connect-timeout 10 -fsSL -X GET "http://${MAGENTO_OPENSEARCH_HOST:-opensearch}:${MAGENTO_OPENSEARCH_PORT:-9200}/_cat/health?pretty" &>/dev/null; then
+    return 1
   fi
 }
 
 check_redis() {
-  if [ "${MAGENTO_REDIS_ENABLED:-false}" = "true" ]; then
-    log "Checking Redis connection..."
-    AUTH_COMMAND=""
-    if [ -n "${MAGENTO_REDIS_PASSWORD:-}" ]; then
-      AUTH_COMMAND="AUTH ${MAGENTO_REDIS_PASSWORD:-redis}\r\n"
-    fi
+  AUTH_COMMAND=""
+  if [[ -n "${MAGENTO_REDIS_PASSWORD:-}" ]]; then
+    AUTH_COMMAND="AUTH ${MAGENTO_REDIS_PASSWORD:-redis}\r\n"
+  fi
 
-    if printf "%bPING\r\n" "${AUTH_COMMAND}" | nc -N -v "${MAGENTO_REDIS_HOST:-redis}" "${MAGENTO_REDIS_PORT:-6379}" | grep "PONG"; then
-      log "Redis connection ready."
-    else
-      error "Redis connection failed."
-    fi
+  if ! printf "%bPING\r\n" "${AUTH_COMMAND}" | nc -N -v "${MAGENTO_REDIS_HOST:-redis}" "${MAGENTO_REDIS_PORT:-6379}" | grep "PONG"; then
+    return 1
   fi
 }
 
 check_rabbitmq() {
-  if [ "${MAGENTO_RABBITMQ_ENABLED:-false}" = "true" ]; then
-    log "Checking RabbitMQ connection..."
-    if nc -v -z "${MAGENTO_AMQP_HOST:-rabbitmq}" "${MAGENTO_AMQP_PORT:-5672}"; then
-      log "RabbitMQ connection ready."
-    else
-      error "RabbitMQ connection failed."
-    fi
+  if ! nc -v -z "${MAGENTO_AMQP_HOST:-rabbitmq}" "${MAGENTO_AMQP_PORT:-5672}"; then
+    return 1
   fi
 }
 
 check_varnish() {
-  if [ "${MAGENTO_VARNISH_ENABLED:-false}" = "true" ]; then
-    log "Checking Varnish connection..."
-    if nc -v -z "${MAGENTO_VARNISH_HOST:-varnish}" "${MAGENTO_VARNISH_PORT:-80}"; then
-      log "Varnish connection ready."
-    else
-      error "Varnish connection failed."
-    fi
+  if ! nc -v -z "${MAGENTO_VARNISH_HOST:-varnish}" "${MAGENTO_VARNISH_PORT:-80}"; then
+    return 1
+  fi
+}
+
+configure_checks() {
+  checks+=("check_database")
+
+  if [[ "${MAGENTO_ELASTICSEARCH_ENABLED:-false}" == "true" ]]; then
+    checks+=("check_elasticsearch")
+  fi
+
+  if [[ "${MAGENTO_OPENSEARCH_ENABLED:-false}" == "true" ]]; then
+    checks+=("check_opensearch")
+  fi
+
+  if [[ "${MAGENTO_REDIS_ENABLED:-false}" == "true" ]]; then
+    checks+=("check_redis")
+  fi
+
+  if [[ "${MAGENTO_RABBITMQ_ENABLED:-false}" == "true" ]]; then
+    checks+=("check_rabbitmq")
+  fi
+
+  if [[ "${MAGENTO_VARNISH_ENABLED:-false}" == "true" ]]; then
+    checks+=("check_varnish")
   fi
 }
 
 main() {
   trap 'trapinfo $LINENO ${BASH_LINENO[*]}' ERR
 
-  check_database
-  check_elasticsearch
-  check_opensearch
-  check_redis
-  check_rabbitmq
-  check_varnish
-  log "All connections are ready."
+  declare -a checks
+  declare -A check_status
+  configure_checks
+
+  for check in "${checks[@]}"; do
+    if ! check_dependency "$check"; then
+      log "Dependency checks failed due to timeout or error"
+      exit 1
+    fi
+  done
+
+  log "All dependency checks passed"
 }
 
 main
diff --git a/images/php-fpm-rootless/magento2-web/context/rootfs/home/www-data/.local/bin/functions.sh b/images/php-fpm-rootless/magento2-web/context/rootfs/home/www-data/.local/bin/functions.sh
@@ -0,0 +1,109 @@
+#!/bin/bash
+# Common functions for scripts
+
+# Shell options
+set -e
+
+# Prevent direct execution of this file
+if [[ "${BASH_SOURCE[0]}" -ef "$0" ]]; then
+  echo "This script should be sourced, not executed directly"
+  exit 1
+fi
+
+# Guard against double-sourcing
+if [[ -n "${_FUNCTIONS_SOURCED:-}" ]]; then
+  return 0
+fi
+readonly _FUNCTIONS_SOURCED=1
+
+# Print log messages
+log() {
+  [[ "${SILENT:-false}" != "true" ]] && printf "%s INFO: %s\n" "$(date --iso-8601=seconds)" "$*"
+}
+
+# Print error messages and exit
+error() {
+  exitcode=$?
+  # color red
+  printf "\033[1;31m%s ERROR: %s\033[0m\n" "$(date --iso-8601=seconds)" "$*" >&2
+
+  if [[ "${exitcode}" -eq 0 ]]; then exit 1; fi
+  exit "${exitcode}"
+}
+
+# Print error messages and exit with the command that failed
+trapinfo() {
+  IFS=":"
+  # shellcheck disable=SC2145
+  error "A command has failed. Exiting the script. STATUS=($?) COMMAND=($BASH_COMMAND) BASH_LINENO=($0:${@:1:$(($# - 1))}) $(sed -n "$1p" "${BASH_SOURCE[0]}")"
+}
+
+lock_acquire() {
+  local lockfile="${1:-}"
+
+  if [[ -z "$lockfile" ]]; then
+    error "Lock file not provided"
+  fi
+
+  # Check if lockfile exists and process is still running
+  if [[ -f "$lockfile" ]]; then
+    local pid
+    pid=$(cat "$lockfile" 2>/dev/null)
+    if [[ -n "$pid" ]] && kill -0 "$pid" 2>/dev/null; then
+      error "Another process is already running, exiting"
+    fi
+
+    # Lock file exists but process is dead, remove stale lock
+    log "Removing stale lock file"
+    rm -f "$lockfile"
+  fi
+
+  # Create lock file with current PID
+  echo $$ >"$lockfile"
+}
+
+lock_release() {
+  local lockfile="${1:-}"
+
+  if [[ -z "$lockfile" ]]; then
+    error "Lock file not provided"
+  fi
+
+  # Only remove if we own the lock
+  if [[ -f "$lockfile" ]] && [[ "$(cat "$lockfile" 2>/dev/null)" == "$$" ]]; then
+    rm -f "$lockfile"
+  fi
+}
+
+lock_cleanup() {
+  local lockfile="${1:-}"
+
+  if [[ -z "$lockfile" ]]; then
+    error "Lock file not provided"
+  fi
+
+  lock_release "$lockfile"
+}
+
+conditional_sleep() {
+  if [[ "${SLEEP:-false}" == "true" ]]; then
+    sleep infinity
+  elif [[ "${SLEEP:-false}" =~ ^[0-9]+$ ]]; then
+    sleep "${SLEEP}"
+  fi
+}
+
+shared_config_path() {
+  if [[ -w "${SHARED_CONFIG_PATH:-/config}" ]]; then
+    echo "/config"
+  else
+    echo "/tmp"
+  fi
+}
+
+app_path() {
+  echo "/var/www/html"
+}
+
+# Compare versions
+version_gt() { test "$(printf '%s\n' "${@#v}" | sort -V | head -n 1)" != "${1#v}"; }