3 months ago · b4f8efcfd0
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,4 +1,3 @@
 version: '3.1'
 services:
  openldap:
    build:
@@ -21,9 +20,7 @@ services:
    hostname: openldap.${DOMAIN}

  db:
    build:
      context: ./images/mariadb/
    image: bingen/${ARCH}-mariadb:latest
    image: mariadb:lts
    env_file:
      - mariadb.env
    networks:
@@ -31,7 +28,6 @@ services:
    #ports:
      #- "3306:3306"
    volumes:
      #- ${DB_CONFIG_VOLUME_PATH}:/etc/mysql
      - ${DB_DATA_VOLUME_PATH}:/var/lib/mysql

  haproxy:
--- a/images/mariadb/Dockerfile
+++ b/images/mariadb/Dockerfile
@@ -1,42 +0,0 @@
 #
 # MariaDB Dockerfile

 # Pull base image.
 FROM debian:buster

 ENV DEBIAN_FRONTEND=noninteractive

 # Install MariaDB.
 RUN \
  apt-get update && \
  apt-get upgrade -y  && \
  apt-get -y install mariadb-server procps

 RUN  find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \;
 #RUN \
 #  find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \; && \
 #  echo "mysqld_safe &" > /tmp/config && \
 #  echo "mysqladmin --silent --wait=30 ping || exit 1" >> /tmp/config && \
 #  echo "mysql -e 'GRANT ALL PRIVILEGES ON *.* TO \"root\"@\"%\" WITH GRANT OPTION;'" >> /tmp/config && \
 #  bash /tmp/config && \
 #  mysql -e "SELECT Host, User, Password FROM mysql.user;" > /tmp/a.out
  #rm -f /tmp/config

 COPY tuning.cnf /etc/mysql/conf.d/tuning.cnf

 COPY tuning-primer.sh /usr/local/bin/
 RUN chmod +x /usr/local/bin/tuning-primer.sh
 COPY mysqltuner.pl /usr/local/bin/
 RUN chmod +x /usr/local/bin/mysqltuner.pl

 COPY startup.sh /usr/local/bin/
 RUN chmod +x /usr/local/bin/startup.sh

 # Define mountable directories.
 #VOLUME ["/var/lib/mysql"]

 # Define default command.
 CMD ["/usr/local/bin/startup.sh"]

 # Expose ports.
 EXPOSE 3306
--- a/images/mariadb/Dockerfile.template
+++ b/images/mariadb/Dockerfile.template
@@ -1,42 +0,0 @@
 #
 # MariaDB Dockerfile

 # Pull base image.
 FROM BASE_IMAGE_PLACEHOLDER

 ENV DEBIAN_FRONTEND=noninteractive

 # Install MariaDB.
 RUN \
  apt-get update && \
  apt-get upgrade -y  && \
  apt-get -y install mariadb-server procps

 RUN  find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \;
 #RUN \
 #  find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \; && \
 #  echo "mysqld_safe &" > /tmp/config && \
 #  echo "mysqladmin --silent --wait=30 ping || exit 1" >> /tmp/config && \
 #  echo "mysql -e 'GRANT ALL PRIVILEGES ON *.* TO \"root\"@\"%\" WITH GRANT OPTION;'" >> /tmp/config && \
 #  bash /tmp/config && \
 #  mysql -e "SELECT Host, User, Password FROM mysql.user;" > /tmp/a.out
  #rm -f /tmp/config

 COPY tuning.cnf /etc/mysql/conf.d/tuning.cnf

 COPY tuning-primer.sh /usr/local/bin/
 RUN chmod +x /usr/local/bin/tuning-primer.sh
 COPY mysqltuner.pl /usr/local/bin/
 RUN chmod +x /usr/local/bin/mysqltuner.pl

 COPY startup.sh /usr/local/bin/
 RUN chmod +x /usr/local/bin/startup.sh

 # Define mountable directories.
 #VOLUME ["/var/lib/mysql"]

 # Define default command.
 CMD ["/usr/local/bin/startup.sh"]

 # Expose ports.
 EXPOSE 3306
--- a/images/mariadb/README.md
+++ b/images/mariadb/README.md
@@ -1 +0,0 @@
 # rpi-mariadb
--- a/images/mariadb/mysqltuner.pl
+++ b/images/mariadb/mysqltuner.pl
--- a/images/mariadb/startup.sh
+++ b/images/mariadb/startup.sh
@@ -1,58 +0,0 @@
 #!/bin/bash

 echo "Permissions"
 chown -R mysql:mysql /var/lib/mysql

 # set root password from secret
 if [ ! -z $MYSQL_ROOT_PWD_FILE -a -f $MYSQL_ROOT_PWD_FILE ]; then
    MYSQL_ROOT_PWD=`cat $MYSQL_ROOT_PWD_FILE`;
 fi

 if [ ! -z $MYSQL_ROOT_PWD ]; then
    # start server
    echo "Starting server"
    /usr/bin/mariadbd-safe --datadir='/var/lib/mysql' & #--skip-grant-tables &
    pid="$!"
    echo "Mysql pid: $pid"

    mysql=( mysql  )

    for i in {30..0}; do
        if echo 'SELECT 1' | "${mysql}" &> /dev/null; then
            break
        fi
        echo 'MySQL init process in progress...'
        sleep 1
    done
    if [ "$i" = 0 ]; then
        echo >&2 'MySQL init process failed or there already was data with a root password set.'
    fi

    # Allow access from outside
    #echo "INSERT INTO mysql.user (Host, User) VALUES ('%', 'root');" | "${mysql}"
    echo 'GRANT ALL PRIVILEGES ON *.* TO "root"@"%" WITH GRANT OPTION;' | "${mysql}"
    # set root password
    echo "Setting root password"
    #/usr/bin/mysqladmin -u root flush-privileges password "$MYSQL_ROOT_PWD"
    echo "USE mysql;" | "${mysql}"
    echo "ALTER USER 'root'@'localhost' IDENTIFIED VIA mysql_native_password;" | "${mysql}"
    echo "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$MYSQL_ROOT_PWD');" | "${mysql}"
    echo "FLUSH PRIVILEGES;" | "${mysql}"
    #echo "SET PASSWORD FOR 'root' = PASSWORD('$MYSQL_ROOT_PWD');" | "${mysql}"
    if [ $? != 0 ]; then
        echo >&2 'MySQL root password setting failed.'
        #exit 1
    fi

    # Stop server
    echo "Stopping server"
    #if ! kill -s TERM "$pid" || ! wait "$pid"; then
    if ! mysqladmin -u root -p"$MYSQL_ROOT_PWD" shutdown || ! wait "$pid"; then
        echo >&2 'MySQL stop process failed.'
        #exit 1
    fi

 fi

 echo "Restarting server"
 /usr/bin/mariadbd-safe --datadir='/var/lib/mysql'
--- a/images/mariadb/tuning-primer.sh
+++ b/images/mariadb/tuning-primer.sh
--- a/images/mariadb/tuning.cnf
+++ b/images/mariadb/tuning.cnf
@@ -1,8 +0,0 @@
 [mysqld]

 #join_buffer_size = 128.0K

 #innodb_buffer_pool_size = 1.0G
 innodb_buffer_pool_size = 384M
 innodb_log_file_size = 16M
 innodb_buffer_pool_instances = 1
--- a/images/nextcloud/docker-entrypoint.sh
+++ b/images/nextcloud/docker-entrypoint.sh
@@ -21,8 +21,8 @@ if [ ! -z $LDAP_BIND_PWD_FILE -a -f $LDAP_BIND_PWD_FILE ]; then
    LDAP_BIND_PWD=`cat $LDAP_BIND_PWD_FILE`;
 fi
 # set DB root password from secret
 if [ ! -z $MYSQL_ROOT_PWD_FILE -a -f $MYSQL_ROOT_PWD_FILE ]; then
    MYSQL_ROOT_PWD=`cat $MYSQL_ROOT_PWD_FILE`;
 if [ ! -z $MARIADB_ROOT_PWD_FILE -a -f $MARIADB_ROOT_PWD_FILE ]; then
    MARIADB_ROOT_PWD=`cat $MARIADB_ROOT_PWD_FILE`;
 fi
 # set password salt from secret
 if [ ! -z $NEXTCLOUD_SALT_FILE -a -f $NEXTCLOUD_SALT_FILE ]; then
@@ -70,33 +70,33 @@ function check_result {
 sleep 60 # to avoid hitting it while the first start for setting root pwd
 R=111
 while [ $R -eq 111 ]; do
    mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES"  2> /dev/null;
    mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES"  2> /dev/null;
    R=$?;
 done

 # check if DB exists
 DB_EXISTS=$(mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null | grep ${NEXTCLOUD_DB_NAME})
 DB_EXISTS=$(mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null | grep ${NEXTCLOUD_DB_NAME})
 echo "DB exists: ${DB_EXISTS}"

 if [ -z "${DB_EXISTS}" ]; then
    echo "Creating Database"
    #mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "DROP DATABASE IF EXISTS ${NEXTCLOUD_DB_NAME};"
    #mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "DROP DATABASE IF EXISTS ${NEXTCLOUD_DB_NAME};"
    #check_result $? "Dropping DB"
    mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "CREATE DATABASE ${NEXTCLOUD_DB_NAME};"
    mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "CREATE DATABASE ${NEXTCLOUD_DB_NAME};"
    check_result $? "Creating DB"
 fi

 echo "Creating User"
 # 'IF EXISTS' for DROP USER is available from MariaDB 10.1.3 only
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "DROP USER ${NEXTCLOUD_DB_USER};" || echo "It seems it didn't exist"
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "CREATE USER ${NEXTCLOUD_DB_USER} IDENTIFIED BY '${NEXTCLOUD_DB_PWD}';"
 mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "DROP USER ${NEXTCLOUD_DB_USER};" || echo "It seems it didn't exist"
 mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "CREATE USER ${NEXTCLOUD_DB_USER} IDENTIFIED BY '${NEXTCLOUD_DB_PWD}';"
 check_result $? "Creating User"
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "GRANT ALL ON ${NEXTCLOUD_DB_NAME}.* TO ${NEXTCLOUD_DB_USER};"
 mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "GRANT ALL ON ${NEXTCLOUD_DB_NAME}.* TO ${NEXTCLOUD_DB_USER};"
 check_result $? "Granting permissions"
 mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "FLUSH PRIVILEGES;"
 mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "FLUSH PRIVILEGES;"
 check_result $? "Flushing privileges"

 unset MYSQL_ROOT_PWD
 unset MARIADB_ROOT_PWD

 # DB Backup
 if [ ! -z "${DB_EXISTS}" -a ! -z "${NEXTCLOUD_DB_BACKUP}" -a -f "${NEXTCLOUD_DB_BACKUP}" ]; then
--- a/mariadb.env.template
+++ b/mariadb.env.template
@@ -1 +1 @@
 MYSQL_ROOT_PWD_FILE=/run/secrets/admin_pwd
 MARIADB_ROOT_PWD_FILE=/run/secrets/admin_pwd
--- a/nextcloud.env.template
+++ b/nextcloud.env.template
@@ -11,7 +11,7 @@ LDAP_BIND_PWD_FILE=/run/secrets/ldap_pwd
 LDAP_SEARCH_BASE=dc=${ORGANIZATION},dc=${EXTENSION}

 # DB
 MYSQL_ROOT_PWD_FILE=/run/secrets/mysql_pwd
 MARIADB_ROOT_PWD_FILE=/run/secrets/mysql_pwd
 DB_HOST=db
 NEXTCLOUD_DB_NAME=nextcloud
 NEXTCLOUD_DB_USER=nextcloud
--- a/setup.sh
+++ b/setup.sh
@@ -254,8 +254,8 @@ cp pihole.env.template pihole.env
 chmod 600 *.env

 # Passwords
 echo MYSQL_ROOT_PWD=$db_pwd >> mariadb.env
 echo MYSQL_ROOT_PWD=$db_pwd >> nextcloud.env
 echo MARIADB_ROOT_PWD=$db_pwd >> mariadb.env
 echo MARIADB_ROOT_PWD=$db_pwd >> nextcloud.env

 echo LDAP_ADMIN_PWD=$ldap_pwd >> openldap.env
 echo LDAP_MAIL_PWD=$ldap_mail_pwd >> openldap.env