From 532085aecfa77b4c01b4662287aace80afb9c6b5 Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 22 Apr 2021 16:21:40 +0200 Subject: [PATCH 1/8] Changed: add PASSBOLT_FLAVOUR env variable --- debian/Dockerfile | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/debian/Dockerfile b/debian/Dockerfile index 47674c4..eb3d693 100644 --- a/debian/Dockerfile +++ b/debian/Dockerfile @@ -2,14 +2,16 @@ FROM debian:buster-slim LABEL maintainer="Passbolt SA " -ENV PASSBOLT_PKG_KEY=0xDE8B853FC155581D -ENV PHP_VERSION=7.3 -ENV GNUPGHOME=/var/lib/passbolt/.gnupg - ARG PASSBOLT_REPO_URL="https://download.passbolt.com/ce/debian" ARG PASSBOLT_DISTRO="buster" ARG PASSBOLT_COMPONENT="stable" ARG PASSBOLT_PKG=passbolt-ce-server +ARG PASSBOLT_FLAVOUR="ce" + +ENV PASSBOLT_PKG_KEY=0xDE8B853FC155581D +ENV PHP_VERSION=7.3 +ENV GNUPGHOME=/var/lib/passbolt/.gnupg +ENV PASSBOLT_FLAVOUR=$PASSBOLT_FLAVOUR RUN apt-get update \ && DEBIAN_FRONTEND=non-interactive apt-get -y install \ From 178f97e4341230c6a933c8ff8f149d2ba9b83b05 Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 22 Apr 2021 16:22:26 +0200 Subject: [PATCH 2/8] Changed: fix deprecated license path --- debian/bin/docker-entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/bin/docker-entrypoint.sh b/debian/bin/docker-entrypoint.sh index 5c1f803..3a31c25 100755 --- a/debian/bin/docker-entrypoint.sh +++ b/debian/bin/docker-entrypoint.sh @@ -91,7 +91,7 @@ check_deprecated_paths() { declare -A deprecated_paths local deprecated_avatar_path="/var/www/passbolt/webroot/img/public/Avatar" local avatar_path="/usr/share/php/passbolt/webroot/img/public/Avatar" - local deprecated_subscription_path="/var/www/passbolt/webroot/img/public/Avatar" + local deprecated_subscription_path="/var/www/passbolt/config/license" local subscription_path="/etc/passbolt/license" deprecated_paths=( ['/var/www/passbolt/config/gpg/serverkey.asc']='/etc/passbolt/gpg/serverkey.asc' From c2173e37e219894e6ac0a6ac3e941f83ccd9f528 Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 22 Apr 2021 16:23:15 +0200 Subject: [PATCH 3/8] Changed: add subscription key check --- debian/bin/docker-entrypoint.sh | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/debian/bin/docker-entrypoint.sh b/debian/bin/docker-entrypoint.sh index 3a31c25..204b623 100755 --- a/debian/bin/docker-entrypoint.sh +++ b/debian/bin/docker-entrypoint.sh @@ -11,6 +11,8 @@ ssl_cert='/etc/ssl/certs/certificate.crt' deprecation_message="" +subscription_key_file_paths=("/etc/passbolt/subscription_key.txt" "/etc/passbolt/license") + entropy_check() { local entropy_avail @@ -70,6 +72,29 @@ gen_ssl_cert() { -keyout $ssl_key -out $ssl_cert } +get_subscription_file() { + if [ "${PASSBOLT_FLAVOUR}" == 'ce' ]; then + return 1 + fi + + # Look for subscription key on possible paths + for path in "${subscription_key_file_paths[@]}"; + do + if [ -f "${path}" ]; then + SUBSCRIPTION_FILE="${path}" + return 0 + fi + done + + return 1 +} + +check_subscription() { + if get_subscription_file; then + su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import $SUBSCRIPTION_FILE" -s /bin/bash www-data + fi +} + install() { if [ ! -f "$passbolt_config/app.php" ]; then su -c "cp $passbolt_config/app.default.php $passbolt_config/app.php" -s /bin/bash www-data @@ -80,6 +105,8 @@ install() { export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint fi + check_subscription + su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" } From dc16792bed9fdf157d0a8eae8e6c6d4191557b39 Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 29 Apr 2021 17:52:31 +0200 Subject: [PATCH 4/8] Changed: allow check_subscription to fail before installing passbolt --- debian/bin/docker-entrypoint.sh | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/debian/bin/docker-entrypoint.sh b/debian/bin/docker-entrypoint.sh index 204b623..98eefbe 100755 --- a/debian/bin/docker-entrypoint.sh +++ b/debian/bin/docker-entrypoint.sh @@ -91,10 +91,21 @@ get_subscription_file() { check_subscription() { if get_subscription_file; then - su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import $SUBSCRIPTION_FILE" -s /bin/bash www-data + echo "Subscription file found: $SUBSCRIPTION_FILE" + su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data fi } +install_command() { + echo "Installing passbolt" + su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data +} + +migrate_command() { + echo "Running migrations" + su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data +} + install() { if [ ! -f "$passbolt_config/app.php" ]; then su -c "cp $passbolt_config/app.default.php $passbolt_config/app.php" -s /bin/bash www-data @@ -105,9 +116,9 @@ install() { export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint fi - check_subscription + check_subscription || true - su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" + install_command || migrate_command && echo "Enjoy! ☮" } create_deprecation_message() { From 4eeae8033607dc1fb1a94c7071c19a8d90ce1202 Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 29 Apr 2021 18:09:58 +0200 Subject: [PATCH 5/8] Changed: update environment --- dev/Dockerfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/dev/Dockerfile b/dev/Dockerfile index 6632dd0..b8d3357 100644 --- a/dev/Dockerfile +++ b/dev/Dockerfile @@ -2,15 +2,17 @@ FROM php:7.3.24-fpm LABEL maintainer="Passbolt SA " -ARG PASSBOLT_VERSION="2.13.5" +ARG PASSBOLT_VERSION="3.1.0" ARG PASSBOLT_URL="https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz" ARG PASSBOLT_CURL_HEADERS="" +ARG PASSBOLT_FLAVOUR="ce" ARG PHP_EXTENSIONS="gd \ intl \ pdo_mysql \ opcache \ - xsl" + xsl \ + ldap" ARG PECL_PASSBOLT_EXTENSIONS="gnupg \ redis \ @@ -34,6 +36,7 @@ ARG PASSBOLT_BASE_PACKAGES="nginx \ ENV PECL_BASE_URL="https://pecl.php.net/get" ENV PHP_EXT_DIR="/usr/src/php/ext" +ENV PASSBOLT_FLAVOUR=$PASSBOLT_FLAVOUR WORKDIR /var/www/passbolt RUN apt-get update \ From 490d261e1b2cd9cbc9591d0a144cf512a4053e0d Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 29 Apr 2021 18:11:02 +0200 Subject: [PATCH 6/8] Changed: add pro dependencies --- dev/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dev/Dockerfile b/dev/Dockerfile index b8d3357..364560e 100644 --- a/dev/Dockerfile +++ b/dev/Dockerfile @@ -24,7 +24,8 @@ ARG PASSBOLT_DEV_PACKAGES="libgpgme11-dev \ libicu-dev \ libxslt1-dev \ libmcrypt-dev \ - unzip" + unzip \ + libldap2-dev" ARG PASSBOLT_BASE_PACKAGES="nginx \ gnupg \ From fa8e8e2b4a657dd8bd3ce25bdb8a2498721cce9d Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 29 Apr 2021 18:12:11 +0200 Subject: [PATCH 7/8] Changed: use composer 2 --- dev/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/Dockerfile b/dev/Dockerfile index 364560e..7dd1a73 100644 --- a/dev/Dockerfile +++ b/dev/Dockerfile @@ -64,7 +64,7 @@ RUN apt-get update \ rm composer-setup.php; \ exit 1; \ fi \ - && php composer-setup.php --1 \ + && php composer-setup.php \ && mv composer.phar /usr/local/bin/composer \ && rm composer-setup.php \ && curl -sSL -H "$PASSBOLT_CURL_HEADERS" "$PASSBOLT_URL" | tar zxf - -C . --strip-components 1 \ From 3fd0c5d91ba43fa390ec20cfef2a21c2607df6de Mon Sep 17 00:00:00 2001 From: Daniel Del Rio Figueira Date: Thu, 29 Apr 2021 18:12:28 +0200 Subject: [PATCH 8/8] Changed: add check_subscription machinery --- dev/bin/docker-entrypoint.sh | 40 +++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/dev/bin/docker-entrypoint.sh b/dev/bin/docker-entrypoint.sh index 09784b4..a7bb533 100755 --- a/dev/bin/docker-entrypoint.sh +++ b/dev/bin/docker-entrypoint.sh @@ -8,6 +8,8 @@ gpg_public_key="${PASSBOLT_GPG_SERVER_KEY_PUBLIC:-/var/www/passbolt/config/gpg/s ssl_key='/etc/ssl/certs/certificate.key' ssl_cert='/etc/ssl/certs/certificate.crt' +subscription_key_file_paths=("/etc/passbolt/subscription_key.txt" "/etc/passbolt/license") + export GNUPGHOME="/home/www-data/.gnupg" entropy_check() { @@ -69,6 +71,40 @@ gen_ssl_cert() { -keyout $ssl_key -out $ssl_cert } +get_subscription_file() { + if [ "${PASSBOLT_FLAVOUR}" == 'ce' ]; then + return 1 + fi + + # Look for subscription key on possible paths + for path in "${subscription_key_file_paths[@]}"; + do + if [ -f "${path}" ]; then + SUBSCRIPTION_FILE="${path}" + return 0 + fi + done + + return 1 +} + +check_subscription() { + if get_subscription_file; then + echo "Subscription file found: $SUBSCRIPTION_FILE" + su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data + fi +} + +install_command() { + echo "Installing passbolt" + su -c './bin/cake passbolt install --no-admin' -s /bin/bash www-data +} + +migrate_command() { + echo "Running migrations" + su -c './bin/cake passbolt migrate' -s /bin/bash www-data +} + install() { local app_config="/var/www/passbolt/config/app.php" @@ -81,7 +117,9 @@ install() { export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint fi - su -c '/var/www/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/var/www/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" + check_subscription || true + + install_command || migrate_command } if [ ! -f "$gpg_private_key" ] && [ ! -L "$gpg_private_key" ] || \