Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Lazy] Generalize s6 services usage #419

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Lazy] Generalize s6 services usage #419

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions lazy.ansible/.manala.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ manala:
- .manala/github
- .manala/gitlab
- .manala/make
- .manala/services
- .manala/.dockerignore
- .manala/.gitignore
- .manala/Makefile.tmpl
Expand Down
12 changes: 12 additions & 0 deletions lazy.ansible/.manala/docker/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ ARG DEBIAN_FRONTEND="noninteractive"
ARG MANALA_USER_ID="1000"
ARG MANALA_GROUP_ID="1000"

ARG TINI_VERSION="0.19.0"
ARG GOSU_VERSION="1.17"
ARG GOMPLATE_VERSION="3.11.7"
ARG DIRENV_VERSION="2.33.0"
Expand Down Expand Up @@ -45,6 +46,10 @@ RUN \
&& adduser --home /home/lazy --shell /bin/bash --uid ${MANALA_USER_ID} --gecos lazy --ingroup lazy --disabled-password lazy \
&& install --verbose --mode 0755 --group lazy --owner lazy --directory /run/user/${MANALA_USER_ID} \
&& echo "lazy ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/lazy \
# Tini
&& curl -sSL "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/tini \
&& chmod +x /usr/local/bin/tini \
# Gosu
&& curl -sSL "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/gosu \
Expand All @@ -57,13 +62,20 @@ RUN \
&& curl -sSL "https://github.com/direnv/direnv/releases/download/v${DIRENV_VERSION}/direnv.linux-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/direnv \
&& chmod +x /usr/local/bin/direnv \
# Services
&& install --verbose --directory /etc/services/enabled \
&& install --verbose --directory /etc/services/available \
# Bash completion
&& install --verbose --mode 0755 --directory /etc/bash_completion.d \
# Oh My Bash
&& git clone https://github.com/ohmybash/oh-my-bash.git /usr/local/share/oh-my-bash \
# Clean
&& rm -rf /var/lib/apt/lists/*

# Services
COPY services/docker-bridge /etc/services/available/docker-bridge
COPY services/ssh-auth-bridge /etc/services/available/ssh-auth-bridge

##########
# System #
##########
Expand Down
40 changes: 12 additions & 28 deletions lazy.ansible/.manala/docker/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,6 @@

set -e

# Ssh agent bridge
if [ -n "${SSH_AUTH_SOCK}" ]; then
sh -c " \
while sleep 1; do \
rm -f /var/run/ssh-auth-bridge.sock ;
socat \
UNIX-LISTEN:/var/run/ssh-auth-bridge.sock,fork,mode=777 \
UNIX-CONNECT:/var/run/ssh-auth.sock ; \
done \
" &
fi

# Docker bridge
if [ -n "${DOCKER_HOST}" ]; then
sh -c " \
while sleep 1; do \
rm -f /var/run/docker-bridge.sock ;
socat -t 600 \
UNIX-LISTEN:/var/run/docker-bridge.sock,fork,mode=777 \
UNIX-CONNECT:/var/run/docker.sock ; \
done \
" &
fi

# As a consequence of running the container as root user,
# tty is not writable by sued user
if [ -t 1 ]; then
Expand All @@ -48,10 +24,18 @@ if [ -d ".manala/etc" ]; then
GOMPLATE_LOG_FORMAT=simple gomplate --input-dir=.manala/etc --output-dir=/etc 2>/dev/null
fi

# Services
if [ $# -eq 0 ] && [ -d "/etc/services.d" ]; then
exec s6-svscan /etc/services.d
# Docker bridge
if [ -n "${DOCKER_HOST}" ]; then
ln --symbolic /etc/services/available/docker-bridge /etc/services/enabled/
fi

# Ssh auth bridge
if [ -n "${SSH_AUTH_SOCK}" ]; then
ln --symbolic /etc/services/available/ssh-auth-bridge /etc/services/enabled/
fi

# Services
s6-svscan /etc/services/enabled &

# Command
exec gosu lazy "$@"
exec tini -- gosu lazy "$@"
5 changes: 5 additions & 0 deletions lazy.ansible/.manala/services/docker-bridge/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh

exec socat -t 600 \
UNIX-LISTEN:/var/run/docker-bridge.sock,fork,unlink-early,mode=777 \
UNIX-CONNECT:/var/run/docker.sock
5 changes: 5 additions & 0 deletions lazy.ansible/.manala/services/ssh-auth-bridge/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh

exec socat \
UNIX-LISTEN:/var/run/ssh-auth-bridge.sock,fork,unlink-early,mode=777 \
UNIX-CONNECT:/var/run/ssh-auth.sock
1 change: 1 addition & 0 deletions lazy.kubernetes/.manala.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ manala:
- .manala/github
- .manala/gitlab
- .manala/make
- .manala/services
- .manala/.dockerignore
- .manala/.gitignore
- .manala/Makefile.tmpl
Expand Down
12 changes: 12 additions & 0 deletions lazy.kubernetes/.manala/docker/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ ARG DEBIAN_FRONTEND="noninteractive"
ARG MANALA_USER_ID="1000"
ARG MANALA_GROUP_ID="1000"

ARG TINI_VERSION="0.19.0"
ARG GOSU_VERSION="1.17"
ARG GOMPLATE_VERSION="3.11.7"
ARG DIRENV_VERSION="2.33.0"
Expand Down Expand Up @@ -45,6 +46,10 @@ RUN \
&& adduser --home /home/lazy --shell /bin/bash --uid ${MANALA_USER_ID} --gecos lazy --ingroup lazy --disabled-password lazy \
&& install --verbose --mode 0755 --group lazy --owner lazy --directory /run/user/${MANALA_USER_ID} \
&& echo "lazy ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/lazy \
# Tini
&& curl -sSL "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/tini \
&& chmod +x /usr/local/bin/tini \
# Gosu
&& curl -sSL "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/gosu \
Expand All @@ -57,13 +62,20 @@ RUN \
&& curl -sSL "https://github.com/direnv/direnv/releases/download/v${DIRENV_VERSION}/direnv.linux-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/direnv \
&& chmod +x /usr/local/bin/direnv \
# Services
&& install --verbose --directory /etc/services/enabled \
&& install --verbose --directory /etc/services/available \
# Bash completion
&& install --verbose --mode 0755 --directory /etc/bash_completion.d \
# Oh My Bash
&& git clone https://github.com/ohmybash/oh-my-bash.git /usr/local/share/oh-my-bash \
# Clean
&& rm -rf /var/lib/apt/lists/*

# Services
COPY services/docker-bridge /etc/services/available/docker-bridge
COPY services/ssh-auth-bridge /etc/services/available/ssh-auth-bridge

##########
# System #
##########
Expand Down
40 changes: 12 additions & 28 deletions lazy.kubernetes/.manala/docker/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,6 @@

set -e

# Ssh agent bridge
if [ -n "${SSH_AUTH_SOCK}" ]; then
sh -c " \
while sleep 1; do \
rm -f /var/run/ssh-auth-bridge.sock ;
socat \
UNIX-LISTEN:/var/run/ssh-auth-bridge.sock,fork,mode=777 \
UNIX-CONNECT:/var/run/ssh-auth.sock ; \
done \
" &
fi

# Docker bridge
if [ -n "${DOCKER_HOST}" ]; then
sh -c " \
while sleep 1; do \
rm -f /var/run/docker-bridge.sock ;
socat -t 600 \
UNIX-LISTEN:/var/run/docker-bridge.sock,fork,mode=777 \
UNIX-CONNECT:/var/run/docker.sock ; \
done \
" &
fi

# As a consequence of running the container as root user,
# tty is not writable by sued user
if [ -t 1 ]; then
Expand All @@ -48,10 +24,18 @@ if [ -d ".manala/etc" ]; then
GOMPLATE_LOG_FORMAT=simple gomplate --input-dir=.manala/etc --output-dir=/etc 2>/dev/null
fi

# Services
if [ $# -eq 0 ] && [ -d "/etc/services.d" ]; then
exec s6-svscan /etc/services.d
# Docker bridge
if [ -n "${DOCKER_HOST}" ]; then
ln --symbolic /etc/services/available/docker-bridge /etc/services/enabled/
fi

# Ssh auth bridge
if [ -n "${SSH_AUTH_SOCK}" ]; then
ln --symbolic /etc/services/available/ssh-auth-bridge /etc/services/enabled/
fi

# Services
s6-svscan /etc/services/enabled &

# Command
exec gosu lazy "$@"
exec tini -- gosu lazy "$@"
5 changes: 5 additions & 0 deletions lazy.kubernetes/.manala/services/docker-bridge/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh

exec socat -t 600 \
UNIX-LISTEN:/var/run/docker-bridge.sock,fork,unlink-early,mode=777 \
UNIX-CONNECT:/var/run/docker.sock
5 changes: 5 additions & 0 deletions lazy.kubernetes/.manala/services/ssh-auth-bridge/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh

exec socat \
UNIX-LISTEN:/var/run/ssh-auth-bridge.sock,fork,unlink-early,mode=777 \
UNIX-CONNECT:/var/run/ssh-auth.sock
1 change: 1 addition & 0 deletions lazy.symfony/.manala.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ manala:
- .manala/github
- .manala/gitlab
- .manala/make
- .manala/services
- .manala/.dockerignore
- .manala/.gitignore
- .manala/Makefile.tmpl
Expand Down
16 changes: 16 additions & 0 deletions lazy.symfony/.manala/docker/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ ARG DEBIAN_FRONTEND="noninteractive"
ARG MANALA_USER_ID="1000"
ARG MANALA_GROUP_ID="1000"

ARG TINI_VERSION="0.19.0"
ARG GOSU_VERSION="1.17"
ARG GOMPLATE_VERSION="3.11.7"
ARG DIRENV_VERSION="2.33.0"
Expand Down Expand Up @@ -45,6 +46,10 @@ RUN \
&& adduser --home /home/lazy --shell /bin/bash --uid ${MANALA_USER_ID} --gecos lazy --ingroup lazy --disabled-password lazy \
&& install --verbose --mode 0755 --group lazy --owner lazy --directory /run/user/${MANALA_USER_ID} \
&& echo "lazy ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/lazy \
# Tini
&& curl -sSL "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/tini \
&& chmod +x /usr/local/bin/tini \
# Gosu
&& curl -sSL "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/gosu \
Expand All @@ -57,13 +62,20 @@ RUN \
&& curl -sSL "https://github.com/direnv/direnv/releases/download/v${DIRENV_VERSION}/direnv.linux-{{ include "arch_map" (dict "amd64" "amd64" "arm64" "arm64") }}" \
--output /usr/local/bin/direnv \
&& chmod +x /usr/local/bin/direnv \
# Services
&& install --verbose --directory /etc/services/enabled \
&& install --verbose --directory /etc/services/available \
# Bash completion
&& install --verbose --mode 0755 --directory /etc/bash_completion.d \
# Oh My Bash
&& git clone https://github.com/ohmybash/oh-my-bash.git /usr/local/share/oh-my-bash \
# Clean
&& rm -rf /var/lib/apt/lists/*

# Services
COPY services/docker-bridge /etc/services/available/docker-bridge
COPY services/ssh-auth-bridge /etc/services/available/ssh-auth-bridge

##########
# System #
##########
Expand Down Expand Up @@ -133,6 +145,8 @@ Pin-Priority: 1000\n\
# Clean
&& rm -rf /var/lib/apt/lists/*

COPY services/nginx /etc/services/enabled/nginx

# Php
{{ $php := .Vars.system.php -}}
RUN \
Expand Down Expand Up @@ -174,6 +188,8 @@ Signed-By: /etc/apt/keyrings/sury_php.gpg\n\
# Clean
&& rm -rf /var/lib/apt/lists/*

COPY services/php /etc/services/enabled/php

{{ $nodejs := .Vars.system.nodejs -}}
{{ if $nodejs.version -}}
# Nodejs
Expand Down
39 changes: 10 additions & 29 deletions lazy.symfony/.manala/docker/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,6 @@

set -e

# Ssh agent bridge
if [ -n "${SSH_AUTH_SOCK}" ]; then
sh -c " \
while sleep 1; do \
rm -f /var/run/ssh-auth-bridge.sock ;
socat \
UNIX-LISTEN:/var/run/ssh-auth-bridge.sock,fork,mode=777 \
UNIX-CONNECT:/var/run/ssh-auth.sock ; \
done \
" &
fi

# Docker bridge
if [ -n "${DOCKER_HOST}" ]; then
sh -c " \
while sleep 1; do \
rm -f /var/run/docker-bridge.sock ;
socat -t 600 \
UNIX-LISTEN:/var/run/docker-bridge.sock,fork,mode=777 \
UNIX-CONNECT:/var/run/docker.sock ; \
done \
" &
fi

# As a consequence of running the container as root user,
# tty is not writable by sued user
if [ -t 1 ]; then
Expand All @@ -48,10 +24,15 @@ if [ -d ".manala/etc" ]; then
GOMPLATE_LOG_FORMAT=simple gomplate --input-dir=.manala/etc --output-dir=/etc 2>/dev/null
fi

# Services
if [ $# -eq 0 ] && [ -d "/etc/services.d" ]; then
exec s6-svscan /etc/services.d
# Docker bridge
if [ -n "${DOCKER_HOST}" ]; then
ln --symbolic /etc/services/available/docker-bridge /etc/services/enabled/
fi

# Command
exec gosu lazy "$@"
# Ssh auth bridge
if [ -n "${SSH_AUTH_SOCK}" ]; then
ln --symbolic /etc/services/available/ssh-auth-bridge /etc/services/enabled/
fi

# Services
exec s6-svscan /etc/services/enabled
2 changes: 0 additions & 2 deletions lazy.symfony/.manala/etc/services.d/.s6-svscan/finish
View file
Open in desktop

This file was deleted.

5 changes: 5 additions & 0 deletions lazy.symfony/.manala/services/docker-bridge/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh

exec socat -t 600 \
UNIX-LISTEN:/var/run/docker-bridge.sock,fork,unlink-early,mode=777 \
UNIX-CONNECT:/var/run/docker.sock
0 .../.manala/etc/services.d/nginx/down-signal → ...ymfony/.manala/services/nginx/down-signal
View file
Open in desktop
File renamed without changes.
1 change: 1 addition & 0 deletions ....symfony/.manala/etc/services.d/nginx/run → lazy.symfony/.manala/services/nginx/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
#!/bin/sh

exec nginx -c /etc/nginx/project.conf
0 ...ny/.manala/etc/services.d/php/down-signal → ....symfony/.manala/services/php/down-signal
View file
Open in desktop
File renamed without changes.
1 change: 1 addition & 0 deletions lazy.symfony/.manala/etc/services.d/php/run → lazy.symfony/.manala/services/php/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
#!/bin/sh

exec php-fpm --fpm-config /etc/php/default/fpm/project.conf
5 changes: 5 additions & 0 deletions lazy.symfony/.manala/services/ssh-auth-bridge/run
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh

exec socat \
UNIX-LISTEN:/var/run/ssh-auth-bridge.sock,fork,unlink-early,mode=777 \
UNIX-CONNECT:/var/run/ssh-auth.sock
Loading