Merge branch 'feature/add-subscription-check' into 'develop'

Add subscription check on entrypoint

See merge request passbolt/passbolt_docker!130
Daniel Del Rio 2021-04-29 16:24:37 +00:00
commit 585aa616c8
4 changed files with 93 additions and 11 deletions

10
debian/Dockerfile vendored

@ -2,14 +2,16 @@ FROM debian:buster-slim
LABEL maintainer="Passbolt SA <contact@passbolt.com>" LABEL maintainer="Passbolt SA <contact@passbolt.com>"
ENV PASSBOLT_PKG_KEY=0xDE8B853FC155581D
ENV PHP_VERSION=7.3
ENV GNUPGHOME=/var/lib/passbolt/.gnupg
ARG PASSBOLT_REPO_URL="https://download.passbolt.com/ce/debian" ARG PASSBOLT_REPO_URL="https://download.passbolt.com/ce/debian"
ARG PASSBOLT_DISTRO="buster" ARG PASSBOLT_DISTRO="buster"
ARG PASSBOLT_COMPONENT="stable" ARG PASSBOLT_COMPONENT="stable"
ARG PASSBOLT_PKG=passbolt-ce-server ARG PASSBOLT_PKG=passbolt-ce-server
ARG PASSBOLT_FLAVOUR="ce"
ENV PASSBOLT_PKG_KEY=0xDE8B853FC155581D
ENV PHP_VERSION=7.3
ENV GNUPGHOME=/var/lib/passbolt/.gnupg
ENV PASSBOLT_FLAVOUR=$PASSBOLT_FLAVOUR
RUN apt-get update \ RUN apt-get update \
&& DEBIAN_FRONTEND=non-interactive apt-get -y install \ && DEBIAN_FRONTEND=non-interactive apt-get -y install \
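Review bot: The new `ARG PASSBOLT_FLAVOUR="ce"` is independent of `PASSBOLT_PKG` and `PASSBOLT_REPO_URL`, and nothing in this hunk says the three must be set together. The entrypoint added in this commit returns early from `get_subscription_file` when the flavour is `ce`, so a build that overrides only the package and repo arguments would presumably skip the subscription import without any message. A comment above the ARG would document the coupling, e.g. `# PASSBOLT_FLAVOUR must match PASSBOLT_PKG; the entrypoint skips subscription import when it is "ce"`. The RUN instruction at the end of the hunk continues outside it.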


@ -11,6 +11,8 @@ ssl_cert='/etc/ssl/certs/certificate.crt'
deprecation_message="" deprecation_message=""
subscription_key_file_paths=("/etc/passbolt/subscription_key.txt" "/etc/passbolt/license")
entropy_check() { entropy_check() {
local entropy_avail local entropy_avail
@ -70,6 +72,40 @@ gen_ssl_cert() {
-keyout $ssl_key -out $ssl_cert -keyout $ssl_key -out $ssl_cert
} }
get_subscription_file() {
if [ "${PASSBOLT_FLAVOUR}" == 'ce' ]; then
return 1
fi
# Look for subscription key on possible paths
for path in "${subscription_key_file_paths[@]}";
do
if [ -f "${path}" ]; then
SUBSCRIPTION_FILE="${path}"
return 0
fi
done
return 1
}
check_subscription() {
if get_subscription_file; then
echo "Subscription file found: $SUBSCRIPTION_FILE"
su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data
fi
}
install_command() {
echo "Installing passbolt"
su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data
}
migrate_command() {
echo "Running migrations"
su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data
}
install() { install() {
if [ ! -f "$passbolt_config/app.php" ]; then if [ ! -f "$passbolt_config/app.php" ]; then
su -c "cp $passbolt_config/app.default.php $passbolt_config/app.php" -s /bin/bash www-data su -c "cp $passbolt_config/app.default.php $passbolt_config/app.php" -s /bin/bash www-data
@ -80,7 +116,9 @@ install() {
export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint
fi fi
su -c '/usr/share/php/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/usr/share/php/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" check_subscription || true
install_command || migrate_command && echo "Enjoy! ☮"
} }
create_deprecation_message() { create_deprecation_message() {
@ -91,7 +129,7 @@ check_deprecated_paths() {
declare -A deprecated_paths declare -A deprecated_paths
local deprecated_avatar_path="/var/www/passbolt/webroot/img/public/Avatar" local deprecated_avatar_path="/var/www/passbolt/webroot/img/public/Avatar"
local avatar_path="/usr/share/php/passbolt/webroot/img/public/Avatar" local avatar_path="/usr/share/php/passbolt/webroot/img/public/Avatar"
local deprecated_subscription_path="/var/www/passbolt/webroot/img/public/Avatar" local deprecated_subscription_path="/var/www/passbolt/config/license"
local subscription_path="/etc/passbolt/license" local subscription_path="/etc/passbolt/license"
deprecated_paths=( deprecated_paths=(
['/var/www/passbolt/config/gpg/serverkey.asc']='/etc/passbolt/gpg/serverkey.asc' ['/var/www/passbolt/config/gpg/serverkey.asc']='/etc/passbolt/gpg/serverkey.asc'
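Review bot: `check_subscription || true` in `install()` throws away the exit status of `subscription_import`, so a non-CE container whose key file exists but is rejected starts up with no explicit signal from the entrypoint. Reporting the failure keeps the best-effort behaviour while leaving a trace in the logs, e.g. `check_subscription || echo "Subscription import failed" >&2`. The import also runs before `install_command`; if `subscription_import` depends on state that the install step creates (not visible here), it would fail on every first boot and the `|| true` would hide that. `$SUBSCRIPTION_FILE` is expanded unquoted inside the `su -c` string, which is safe for the two fixed paths but worth quoting in case the list grows. `install()` begins and ends outside the hunks shown.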


@ -2,15 +2,17 @@ FROM php:7.3.24-fpm
LABEL maintainer="Passbolt SA <contact@passbolt.com>" LABEL maintainer="Passbolt SA <contact@passbolt.com>"
ARG PASSBOLT_VERSION="2.13.5" ARG PASSBOLT_VERSION="3.1.0"
ARG PASSBOLT_URL="https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz" ARG PASSBOLT_URL="https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz"
ARG PASSBOLT_CURL_HEADERS="" ARG PASSBOLT_CURL_HEADERS=""
ARG PASSBOLT_FLAVOUR="ce"
ARG PHP_EXTENSIONS="gd \ ARG PHP_EXTENSIONS="gd \
intl \ intl \
pdo_mysql \ pdo_mysql \
opcache \ opcache \
xsl" xsl \
ldap"
ARG PECL_PASSBOLT_EXTENSIONS="gnupg \ ARG PECL_PASSBOLT_EXTENSIONS="gnupg \
redis \ redis \
@ -22,7 +24,8 @@ ARG PASSBOLT_DEV_PACKAGES="libgpgme11-dev \
libicu-dev \ libicu-dev \
libxslt1-dev \ libxslt1-dev \
libmcrypt-dev \ libmcrypt-dev \
unzip" unzip \
libldap2-dev"
ARG PASSBOLT_BASE_PACKAGES="nginx \ ARG PASSBOLT_BASE_PACKAGES="nginx \
gnupg \ gnupg \
@ -34,6 +37,7 @@ ARG PASSBOLT_BASE_PACKAGES="nginx \
ENV PECL_BASE_URL="https://pecl.php.net/get" ENV PECL_BASE_URL="https://pecl.php.net/get"
ENV PHP_EXT_DIR="/usr/src/php/ext" ENV PHP_EXT_DIR="/usr/src/php/ext"
ENV PASSBOLT_FLAVOUR=$PASSBOLT_FLAVOUR
WORKDIR /var/www/passbolt WORKDIR /var/www/passbolt
RUN apt-get update \ RUN apt-get update \
@ -60,7 +64,7 @@ RUN apt-get update \
rm composer-setup.php; \ rm composer-setup.php; \
exit 1; \ exit 1; \
fi \ fi \
&& php composer-setup.php --1 \ && php composer-setup.php \
&& mv composer.phar /usr/local/bin/composer \ && mv composer.phar /usr/local/bin/composer \
&& rm composer-setup.php \ && rm composer-setup.php \
&& curl -sSL -H "$PASSBOLT_CURL_HEADERS" "$PASSBOLT_URL" | tar zxf - -C . --strip-components 1 \ && curl -sSL -H "$PASSBOLT_CURL_HEADERS" "$PASSBOLT_URL" | tar zxf - -C . --strip-components 1 \
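Review bot: Dropping `--1` from `php composer-setup.php` leaves the Composer version to whatever the installer considers current at build time, so two builds of the same commit can end up with different Composer releases. Pin it explicitly, for example `php composer-setup.php --2` or `php composer-setup.php --version=<PINNED_COMPOSER_VERSION>`. Separately, the archive for the bumped `PASSBOLT_VERSION` is still piped from `curl` straight into `tar` with no digest comparison, whereas the `exit 1` branch just above suggests the Composer installer is verified. Downloading to a file and checking it with `sha256sum -c` against a digest kept in an `ARG` would give the application source the same guarantee. The RUN instruction starts before and continues after this hunk.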


@ -8,6 +8,8 @@ gpg_public_key="${PASSBOLT_GPG_SERVER_KEY_PUBLIC:-/var/www/passbolt/config/gpg/s
ssl_key='/etc/ssl/certs/certificate.key' ssl_key='/etc/ssl/certs/certificate.key'
ssl_cert='/etc/ssl/certs/certificate.crt' ssl_cert='/etc/ssl/certs/certificate.crt'
subscription_key_file_paths=("/etc/passbolt/subscription_key.txt" "/etc/passbolt/license")
export GNUPGHOME="/home/www-data/.gnupg" export GNUPGHOME="/home/www-data/.gnupg"
entropy_check() { entropy_check() {
@ -69,6 +71,40 @@ gen_ssl_cert() {
-keyout $ssl_key -out $ssl_cert -keyout $ssl_key -out $ssl_cert
} }
get_subscription_file() {
if [ "${PASSBOLT_FLAVOUR}" == 'ce' ]; then
return 1
fi
# Look for subscription key on possible paths
for path in "${subscription_key_file_paths[@]}";
do
if [ -f "${path}" ]; then
SUBSCRIPTION_FILE="${path}"
return 0
fi
done
return 1
}
check_subscription() {
if get_subscription_file; then
echo "Subscription file found: $SUBSCRIPTION_FILE"
su -c "/usr/share/php/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data
fi
}
install_command() {
echo "Installing passbolt"
su -c './bin/cake passbolt install --no-admin' -s /bin/bash www-data
}
migrate_command() {
echo "Running migrations"
su -c './bin/cake passbolt migrate' -s /bin/bash www-data
}
install() { install() {
local app_config="/var/www/passbolt/config/app.php" local app_config="/var/www/passbolt/config/app.php"
@ -81,7 +117,9 @@ install() {
export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint
fi fi
su -c '/var/www/passbolt/bin/cake passbolt install --no-admin' -s /bin/bash www-data || su -c '/var/www/passbolt/bin/cake passbolt migrate' -s /bin/bash www-data && echo "Enjoy! ☮" check_subscription || true
install_command || migrate_command
} }
if [ ! -f "$gpg_private_key" ] && [ ! -L "$gpg_private_key" ] || \ if [ ! -f "$gpg_private_key" ] && [ ! -L "$gpg_private_key" ] || \
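Review bot: `check_subscription` calls `/usr/share/php/passbolt/bin/cake`, but the line this commit replaces in the same file used `/var/www/passbolt/bin/cake`, so the path looks copied from the Debian entrypoint and probably does not exist in this image. Because `install()` calls it as `check_subscription || true`, the resulting failure would be swallowed and the subscription never imported. Suggested line: `su -c "/var/www/passbolt/bin/cake passbolt subscription_import --file $SUBSCRIPTION_FILE" -s /bin/bash www-data`. `install_command` and `migrate_command` now use the relative `./bin/cake` where the old line was absolute, which makes them depend on the working directory at container start; keeping `/var/www/passbolt/bin/cake` avoids that. `install()` begins and ends outside the hunks shown.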