diff --git a/debian/Dockerfile b/debian/Dockerfile index 47674c4..eb3d693 100644 --- a/debian/Dockerfile +++ b/debian/Dockerfile @@ -2,14 +2,16 @@ FROM debian:buster-slim LABEL maintainer="Passbolt SA " -ENV PASSBOLT_PKG_KEY=0xDE8B853FC155581D -ENV PHP_VERSION=7.3 -ENV GNUPGHOME=/var/lib/passbolt/.gnupg - ARG PASSBOLT_REPO_URL="https://download.passbolt.com/ce/debian" ARG PASSBOLT_DISTRO="buster" ARG PASSBOLT_COMPONENT="stable" ARG PASSBOLT_PKG=passbolt-ce-server +ARG PASSBOLT_FLAVOUR="ce" + +ENV PASSBOLT_PKG_KEY=0xDE8B853FC155581D +ENV PHP_VERSION=7.3 +ENV GNUPGHOME=/var/lib/passbolt/.gnupg +ENV PASSBOLT_FLAVOUR=$PASSBOLT_FLAVOUR RUN apt-get update \ && DEBIAN_FRONTEND=non-interactive apt-get -y install \ diff --git a/debian/bin/docker-entrypoint.sh b/debian/bin/docker-entrypoint.sh index 5c1f803..98eefbe 100755 --- a/debian/bin/docker-entrypoint.sh +++ b/debian/bin/docker-entrypoint.sh @@ -11,6 +11,8 @@ ssl_cert='/etc/ssl/certs/certificate.crt' deprecation_message="" +subscription_key_file_paths=("/etc/passbolt/subscription_key.txt" "/etc/passbolt/license") + entropy_check() { local entropy_avail @@ -70,6 +72,40 @@ gen_ssl_cert() { -keyout $ssl_key -out $ssl_cert } +get_subscription_file() { + if [ "${PASSBOLT_FLAVOUR}" == 'ce' ]; then + return 1 + fi + + # Look for subscription key on possible paths + for path in "${subscription_key_file_paths[@]}"; + do + if [ -f "${path}" ]; then + SUBSCRIPTION_FILE="${path}" + return 0 + fi + done + + return 1 +} + +check_subscription() { + if get_subscription_file; then + echo "Subscription file found: $SUBSCRIPTION_FILE" + su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data + fi +} + +install_command() { + echo "Installing passbolt" + su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data +} + +migrate_command() { + echo "Running migrations" + su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data +} + install() { if [ ! -f "$passbolt_config/app.php" ]; then su -c "cp $passbolt_config/app.default.php $passbolt_config/app.php" -s /bin/bash www-data @@ -80,7 +116,9 @@ install() { export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint fi - su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" + check_subscription || true + + install_command || migrate_command && echo "Enjoy! ☮" } create_deprecation_message() { @@ -91,7 +129,7 @@ check_deprecated_paths() { declare -A deprecated_paths local deprecated_avatar_path="/var/www/passbolt/webroot/img/public/Avatar" local avatar_path="/usr/share/php/passbolt/webroot/img/public/Avatar" - local deprecated_subscription_path="/var/www/passbolt/webroot/img/public/Avatar" + local deprecated_subscription_path="/var/www/passbolt/config/license" local subscription_path="/etc/passbolt/license" deprecated_paths=( ['/var/www/passbolt/config/gpg/serverkey.asc']='/etc/passbolt/gpg/serverkey.asc' diff --git a/dev/Dockerfile b/dev/Dockerfile index 6632dd0..7dd1a73 100644 --- a/dev/Dockerfile +++ b/dev/Dockerfile @@ -2,15 +2,17 @@ FROM php:7.3.24-fpm LABEL maintainer="Passbolt SA " -ARG PASSBOLT_VERSION="2.13.5" +ARG PASSBOLT_VERSION="3.1.0" ARG PASSBOLT_URL="https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz" ARG PASSBOLT_CURL_HEADERS="" +ARG PASSBOLT_FLAVOUR="ce" ARG PHP_EXTENSIONS="gd \ intl \ pdo_mysql \ opcache \ - xsl" + xsl \ + ldap" ARG PECL_PASSBOLT_EXTENSIONS="gnupg \ redis \ @@ -22,7 +24,8 @@ ARG PASSBOLT_DEV_PACKAGES="libgpgme11-dev \ libicu-dev \ libxslt1-dev \ libmcrypt-dev \ - unzip" + unzip \ + libldap2-dev" ARG PASSBOLT_BASE_PACKAGES="nginx \ gnupg \ @@ -34,6 +37,7 @@ ARG PASSBOLT_BASE_PACKAGES="nginx \ ENV PECL_BASE_URL="https://pecl.php.net/get" ENV PHP_EXT_DIR="/usr/src/php/ext" +ENV PASSBOLT_FLAVOUR=$PASSBOLT_FLAVOUR WORKDIR /var/www/passbolt RUN apt-get update \ @@ -60,7 +64,7 @@ RUN apt-get update \ rm composer-setup.php; \ exit 1; \ fi \ - && php composer-setup.php --1 \ + && php composer-setup.php \ && mv composer.phar /usr/local/bin/composer \ && rm composer-setup.php \ && curl -sSL -H "$PASSBOLT_CURL_HEADERS" "$PASSBOLT_URL" | tar zxf - -C . --strip-components 1 \ diff --git a/dev/bin/docker-entrypoint.sh b/dev/bin/docker-entrypoint.sh index 09784b4..a7bb533 100755 --- a/dev/bin/docker-entrypoint.sh +++ b/dev/bin/docker-entrypoint.sh @@ -8,6 +8,8 @@ gpg_public_key="${PASSBOLT_GPG_SERVER_KEY_PUBLIC:-/var/www/passbolt/config/gpg/s ssl_key='/etc/ssl/certs/certificate.key' ssl_cert='/etc/ssl/certs/certificate.crt' +subscription_key_file_paths=("/etc/passbolt/subscription_key.txt" "/etc/passbolt/license") + export GNUPGHOME="/home/www-data/.gnupg" entropy_check() { @@ -69,6 +71,40 @@ gen_ssl_cert() { -keyout $ssl_key -out $ssl_cert } +get_subscription_file() { + if [ "${PASSBOLT_FLAVOUR}" == 'ce' ]; then + return 1 + fi + + # Look for subscription key on possible paths + for path in "${subscription_key_file_paths[@]}"; + do + if [ -f "${path}" ]; then + SUBSCRIPTION_FILE="${path}" + return 0 + fi + done + + return 1 +} + +check_subscription() { + if get_subscription_file; then + echo "Subscription file found: $SUBSCRIPTION_FILE" + su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data + fi +} + +install_command() { + echo "Installing passbolt" + su -c './bin/cake passbolt install --no-admin' -s /bin/bash www-data +} + +migrate_command() { + echo "Running migrations" + su -c './bin/cake passbolt migrate' -s /bin/bash www-data +} + install() { local app_config="/var/www/passbolt/config/app.php" @@ -81,7 +117,9 @@ install() { export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint fi - su -c '/var/www/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/var/www/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" + check_subscription || true + + install_command || migrate_command } if [ ! -f "$gpg_private_key" ] && [ ! -L "$gpg_private_key" ] || \