From b1ab73323d61a81813bb48fd89294078d8ed71e2 Mon Sep 17 00:00:00 2001 From: Dmitriy Safronov Date: Wed, 15 Jan 2025 13:41:33 +0400 Subject: [PATCH 1/2] entrypoint Signed-off-by: Dmitriy Safronov --- entrypoint.sh | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index f89ab00..2352a1f 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,9 +1,7 @@ #!/usr/bin/env sh die() { - RED='\033[0;31m' - NC='\033[0m' # No Color - echo -e '\[ '"${RED}$1${NC}"' ]/' + echo -e "* $1" exit 1 } @@ -11,8 +9,8 @@ test -n "$OPENWRT_SSH_CONFIG" && echo "$OPENWRT_SSH_CONFIG" > /opt/c test -n "$OPENWRT_SSH_KEY_ED25519" && echo "$OPENWRT_SSH_KEY_ED25519" > /opt/id_ed25519 test -n "$OPENWRT_SSH_KNOWN_HOSTS" && echo "$OPENWRT_SSH_KNOWN_HOSTS" > /opt/known_hosts -rsync -a /opt/ /home/openwrt/.ssh/ || die "Couldn't rsync user ssh settings" -chown -R openwrt:openwrt /home/openwrt/.ssh || die "Couldn't change ownership for user ssh settings" -chmod -R a-rwx,u+rwX /home/openwrt/.ssh || die "Couldn't change access rights for user ssh settings" +rsync -av -og --chown=openwrt:openwrt /opt/ /home/openwrt/.ssh/ || die "Couldn't rsync user ssh settings" +chown -Rv openwrt:openwrt /home/openwrt || die "Couldn't change ownership for user ssh settings" +chmod -Rv a-rwx,u+rwX /home/openwrt/.ssh || die "Couldn't change access rights for user ssh settings" exec sudo -u openwrt -g openwrt -E -H /sync.sh || die "Couldn't run sync script as user" -- GitLab From d0cafc099bb1775ea5eb12aee152657ee0850e3e Mon Sep 17 00:00:00 2001 From: Dmitriy Safronov Date: Wed, 15 Jan 2025 13:49:23 +0400 Subject: [PATCH 2/2] rework Signed-off-by: Dmitriy Safronov --- Dockerfile | 8 +++++--- entrypoint.sh | 20 ++++++++++++++++---- sync.sh | 19 ------------------- 3 files changed, 21 insertions(+), 26 deletions(-) delete mode 100644 sync.sh diff --git a/Dockerfile b/Dockerfile index 34a3a13..31465b3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,15 +11,17 @@ WORKDIR /tmp/openwrt ENTRYPOINT [ "/entrypoint.sh" ] -RUN apk --no-cache add sudo rsync && \ +RUN set -x && \ + apk --no-cache add sudo rsync && \ rm -rf /var/cache/apk/* && \ addgroup -S openwrt && \ adduser -S openwrt -G openwrt -h /home/openwrt && \ chown -R openwrt:openwrt /tmp/openwrt COPY entrypoint.sh /entrypoint.sh -COPY sync.sh /sync.sh -RUN chmod a+x /entrypoint.sh /sync.sh +RUN chmod a+x /entrypoint.sh + +USER openwrt:openwrt FROM runtime AS release diff --git a/entrypoint.sh b/entrypoint.sh index 2352a1f..167863b 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -9,8 +9,20 @@ test -n "$OPENWRT_SSH_CONFIG" && echo "$OPENWRT_SSH_CONFIG" > /opt/c test -n "$OPENWRT_SSH_KEY_ED25519" && echo "$OPENWRT_SSH_KEY_ED25519" > /opt/id_ed25519 test -n "$OPENWRT_SSH_KNOWN_HOSTS" && echo "$OPENWRT_SSH_KNOWN_HOSTS" > /opt/known_hosts -rsync -av -og --chown=openwrt:openwrt /opt/ /home/openwrt/.ssh/ || die "Couldn't rsync user ssh settings" -chown -Rv openwrt:openwrt /home/openwrt || die "Couldn't change ownership for user ssh settings" -chmod -Rv a-rwx,u+rwX /home/openwrt/.ssh || die "Couldn't change access rights for user ssh settings" +rsync -a -og --chown=openwrt:openwrt /opt/ /home/openwrt/.ssh/ || die "Couldn't rsync user ssh settings" +chown -R openwrt:openwrt /home/openwrt/.ssh || die "Couldn't change ownership for user ssh settings" +chmod -R a-rwx,u+rwX /home/openwrt/.ssh || die "Couldn't change access rights for user ssh settings" -exec sudo -u openwrt -g openwrt -E -H /sync.sh || die "Couldn't run sync script as user" +#exec sudo -u openwrt -g openwrt -E -H /sync.sh || die "Couldn't run sync script as user" +rsync -acxv --delete-after --exclude '*-opkg' -e "ssh -p ${OPENWRT_SSH_PORT:-22}" "${OPENWRT_SSH_HOST:-root@192.168.1.1}:/overlay/upper/" overlay/ || die "Couldn't rsync router config" + +find overlay/ -type d -empty -exec touch {}/.gitkeep \; + +git config --global user.email "${OPENWRT_GIT_EMAIL:-openwrt@example.com}" || die "Couldn't set email" +git config --global user.name "${OPENWRT_GIT_NAME:-OpenWRT Git bot}" || die "Couldn't set name" + +git add -A > /dev/null || die "Couldn't add files" +if [ -n "$(git status -su)" ]; then + git commit -q -m "${OPENWRT_GIT_COMMIT:-OpenWRT}" || die "Couldn't commit changes" + git push -q --force origin HEAD:${OPENWRT_GIT_BRANCH:-remote} || die "Couldn't push changes" +fi diff --git a/sync.sh b/sync.sh deleted file mode 100644 index 7bec91d..0000000 --- a/sync.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env sh - -die() { - echo -e "* $1" - exit 1 -} - -rsync -acxv --delete-after --exclude '*-opkg' -e "ssh -p ${OPENWRT_SSH_PORT:-22}" "${OPENWRT_SSH_HOST:-root@192.168.1.1}:/overlay/upper/" overlay/ || die "Couldn't rsync router config" - -find overlay/ -type d -empty -exec touch {}/.gitkeep \; - -git config --global user.email "${OPENWRT_GIT_EMAIL:-openwrt@example.com}" || die "Couldn't set email" -git config --global user.name "${OPENWRT_GIT_NAME:-OpenWRT Git bot}" || die "Couldn't set name" - -git add -A > /dev/null || die "Couldn't add files" -if [ -n "$(git status -su)" ]; then - git commit -q -m "${OPENWRT_GIT_COMMIT:-OpenWRT}" || die "Couldn't commit changes" - git push -q --force origin HEAD:${OPENWRT_GIT_BRANCH:-remote} || die "Couldn't push changes" -fi -- GitLab