| version: '3.1' | |||||
| services: | services: | ||||
| openldap: | openldap: | ||||
| build: | build: | ||||
| hostname: openldap.${DOMAIN} | hostname: openldap.${DOMAIN} | ||||
| db: | db: | ||||
| build: | |||||
| context: ./images/mariadb/ | |||||
| image: bingen/${ARCH}-mariadb:latest | |||||
| image: mariadb:lts | |||||
| env_file: | env_file: | ||||
| - mariadb.env | - mariadb.env | ||||
| networks: | networks: | ||||
| #ports: | #ports: | ||||
| #- "3306:3306" | #- "3306:3306" | ||||
| volumes: | volumes: | ||||
| #- ${DB_CONFIG_VOLUME_PATH}:/etc/mysql | |||||
| - ${DB_DATA_VOLUME_PATH}:/var/lib/mysql | - ${DB_DATA_VOLUME_PATH}:/var/lib/mysql | ||||
| haproxy: | haproxy: |
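Review bot: The `db` service now runs the stock `mariadb:lts` image, but the names this commit renames to elsewhere (`MARIADB_ROOT_PWD`, `MARIADB_ROOT_PWD_FILE`) are not variables that image's entrypoint reads; it looks for `MARIADB_ROOT_PASSWORD` or `MARIADB_ROOT_PASSWORD_FILE`. On an empty data directory the container would then refuse to initialise, and on an existing `${DB_DATA_VOLUME_PATH}` the root password silently stays whatever the previous image set. `mariadb.env` should therefore carry something like `MARIADB_ROOT_PASSWORD_FILE=/run/secrets/<secret-name>`, assuming the secret is mounted into this service (the rest of the compose file is not visible here). `lts` is also a moving tag, so pinning a specific release, ideally with its digest, keeps deployments reproducible and makes a database upgrade a reviewed change.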
| # | |||||
| # MariaDB Dockerfile | |||||
| # Pull base image. | |||||
| FROM debian:buster | |||||
| ENV DEBIAN_FRONTEND=noninteractive | |||||
| # Install MariaDB. | |||||
| RUN \ | |||||
| apt-get update && \ | |||||
| apt-get upgrade -y && \ | |||||
| apt-get -y install mariadb-server procps | |||||
| RUN find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \; | |||||
| #RUN \ | |||||
| # find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \; && \ | |||||
| # echo "mysqld_safe &" > /tmp/config && \ | |||||
| # echo "mysqladmin --silent --wait=30 ping || exit 1" >> /tmp/config && \ | |||||
| # echo "mysql -e 'GRANT ALL PRIVILEGES ON *.* TO \"root\"@\"%\" WITH GRANT OPTION;'" >> /tmp/config && \ | |||||
| # bash /tmp/config && \ | |||||
| # mysql -e "SELECT Host, User, Password FROM mysql.user;" > /tmp/a.out | |||||
| #rm -f /tmp/config | |||||
| COPY tuning.cnf /etc/mysql/conf.d/tuning.cnf | |||||
| COPY tuning-primer.sh /usr/local/bin/ | |||||
| RUN chmod +x /usr/local/bin/tuning-primer.sh | |||||
| COPY mysqltuner.pl /usr/local/bin/ | |||||
| RUN chmod +x /usr/local/bin/mysqltuner.pl | |||||
| COPY startup.sh /usr/local/bin/ | |||||
| RUN chmod +x /usr/local/bin/startup.sh | |||||
| # Define mountable directories. | |||||
| #VOLUME ["/var/lib/mysql"] | |||||
| # Define default command. | |||||
| CMD ["/usr/local/bin/startup.sh"] | |||||
| # Expose ports. | |||||
| EXPOSE 3306 |
| # | |||||
| # MariaDB Dockerfile | |||||
| # Pull base image. | |||||
| FROM BASE_IMAGE_PLACEHOLDER | |||||
| ENV DEBIAN_FRONTEND=noninteractive | |||||
| # Install MariaDB. | |||||
| RUN \ | |||||
| apt-get update && \ | |||||
| apt-get upgrade -y && \ | |||||
| apt-get -y install mariadb-server procps | |||||
| RUN find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \; | |||||
| #RUN \ | |||||
| # find /etc/mysql/ -name *.cnf -exec sed -i 's/^\(bind-address\s.*\)/# \1/' {} \; && \ | |||||
| # echo "mysqld_safe &" > /tmp/config && \ | |||||
| # echo "mysqladmin --silent --wait=30 ping || exit 1" >> /tmp/config && \ | |||||
| # echo "mysql -e 'GRANT ALL PRIVILEGES ON *.* TO \"root\"@\"%\" WITH GRANT OPTION;'" >> /tmp/config && \ | |||||
| # bash /tmp/config && \ | |||||
| # mysql -e "SELECT Host, User, Password FROM mysql.user;" > /tmp/a.out | |||||
| #rm -f /tmp/config | |||||
| COPY tuning.cnf /etc/mysql/conf.d/tuning.cnf | |||||
| COPY tuning-primer.sh /usr/local/bin/ | |||||
| RUN chmod +x /usr/local/bin/tuning-primer.sh | |||||
| COPY mysqltuner.pl /usr/local/bin/ | |||||
| RUN chmod +x /usr/local/bin/mysqltuner.pl | |||||
| COPY startup.sh /usr/local/bin/ | |||||
| RUN chmod +x /usr/local/bin/startup.sh | |||||
| # Define mountable directories. | |||||
| #VOLUME ["/var/lib/mysql"] | |||||
| # Define default command. | |||||
| CMD ["/usr/local/bin/startup.sh"] | |||||
| # Expose ports. | |||||
| EXPOSE 3306 |
| # rpi-mariadb |
| #!/bin/bash | |||||
| echo "Permissions" | |||||
| chown -R mysql:mysql /var/lib/mysql | |||||
| # set root password from secret | |||||
| if [ ! -z $MYSQL_ROOT_PWD_FILE -a -f $MYSQL_ROOT_PWD_FILE ]; then | |||||
| MYSQL_ROOT_PWD=`cat $MYSQL_ROOT_PWD_FILE`; | |||||
| fi | |||||
| if [ ! -z $MYSQL_ROOT_PWD ]; then | |||||
| # start server | |||||
| echo "Starting server" | |||||
| /usr/bin/mariadbd-safe --datadir='/var/lib/mysql' & #--skip-grant-tables & | |||||
| pid="$!" | |||||
| echo "Mysql pid: $pid" | |||||
| mysql=( mysql ) | |||||
| for i in {30..0}; do | |||||
| if echo 'SELECT 1' | "${mysql}" &> /dev/null; then | |||||
| break | |||||
| fi | |||||
| echo 'MySQL init process in progress...' | |||||
| sleep 1 | |||||
| done | |||||
| if [ "$i" = 0 ]; then | |||||
| echo >&2 'MySQL init process failed or there already was data with a root password set.' | |||||
| fi | |||||
| # Allow access from outside | |||||
| #echo "INSERT INTO mysql.user (Host, User) VALUES ('%', 'root');" | "${mysql}" | |||||
| echo 'GRANT ALL PRIVILEGES ON *.* TO "root"@"%" WITH GRANT OPTION;' | "${mysql}" | |||||
| # set root password | |||||
| echo "Setting root password" | |||||
| #/usr/bin/mysqladmin -u root flush-privileges password "$MYSQL_ROOT_PWD" | |||||
| echo "USE mysql;" | "${mysql}" | |||||
| echo "ALTER USER 'root'@'localhost' IDENTIFIED VIA mysql_native_password;" | "${mysql}" | |||||
| echo "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$MYSQL_ROOT_PWD');" | "${mysql}" | |||||
| echo "FLUSH PRIVILEGES;" | "${mysql}" | |||||
| #echo "SET PASSWORD FOR 'root' = PASSWORD('$MYSQL_ROOT_PWD');" | "${mysql}" | |||||
| if [ $? != 0 ]; then | |||||
| echo >&2 'MySQL root password setting failed.' | |||||
| #exit 1 | |||||
| fi | |||||
| # Stop server | |||||
| echo "Stopping server" | |||||
| #if ! kill -s TERM "$pid" || ! wait "$pid"; then | |||||
| if ! mysqladmin -u root -p"$MYSQL_ROOT_PWD" shutdown || ! wait "$pid"; then | |||||
| echo >&2 'MySQL stop process failed.' | |||||
| #exit 1 | |||||
| fi | |||||
| fi | |||||
| echo "Restarting server" | |||||
| /usr/bin/mariadbd-safe --datadir='/var/lib/mysql' |
| [mysqld] | |||||
| #join_buffer_size = 128.0K | |||||
| #innodb_buffer_pool_size = 1.0G | |||||
| innodb_buffer_pool_size = 384M | |||||
| innodb_log_file_size = 16M | |||||
| innodb_buffer_pool_instances = 1 |
| LDAP_BIND_PWD=`cat $LDAP_BIND_PWD_FILE`; | LDAP_BIND_PWD=`cat $LDAP_BIND_PWD_FILE`; | ||||
| fi | fi | ||||
| # set DB root password from secret | # set DB root password from secret | ||||
| if [ ! -z $MYSQL_ROOT_PWD_FILE -a -f $MYSQL_ROOT_PWD_FILE ]; then | |||||
| MYSQL_ROOT_PWD=`cat $MYSQL_ROOT_PWD_FILE`; | |||||
| if [ ! -z $MARIADB_ROOT_PWD_FILE -a -f $MARIADB_ROOT_PWD_FILE ]; then | |||||
| MARIADB_ROOT_PWD=`cat $MARIADB_ROOT_PWD_FILE`; | |||||
| fi | fi | ||||
| # set password salt from secret | # set password salt from secret | ||||
| if [ ! -z $NEXTCLOUD_SALT_FILE -a -f $NEXTCLOUD_SALT_FILE ]; then | if [ ! -z $NEXTCLOUD_SALT_FILE -a -f $NEXTCLOUD_SALT_FILE ]; then | ||||
| sleep 60 # to avoid hitting it while the first start for setting root pwd | sleep 60 # to avoid hitting it while the first start for setting root pwd | ||||
| R=111 | R=111 | ||||
| while [ $R -eq 111 ]; do | while [ $R -eq 111 ]; do | ||||
| mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null; | |||||
| mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null; | |||||
| R=$?; | R=$?; | ||||
| done | done | ||||
| # check if DB exists | # check if DB exists | ||||
| DB_EXISTS=$(mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null | grep ${NEXTCLOUD_DB_NAME}) | |||||
| DB_EXISTS=$(mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "SHOW DATABASES" 2> /dev/null | grep ${NEXTCLOUD_DB_NAME}) | |||||
| echo "DB exists: ${DB_EXISTS}" | echo "DB exists: ${DB_EXISTS}" | ||||
| if [ -z "${DB_EXISTS}" ]; then | if [ -z "${DB_EXISTS}" ]; then | ||||
| echo "Creating Database" | echo "Creating Database" | ||||
| #mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "DROP DATABASE IF EXISTS ${NEXTCLOUD_DB_NAME};" | |||||
| #mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "DROP DATABASE IF EXISTS ${NEXTCLOUD_DB_NAME};" | |||||
| #check_result $? "Dropping DB" | #check_result $? "Dropping DB" | ||||
| mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "CREATE DATABASE ${NEXTCLOUD_DB_NAME};" | |||||
| mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "CREATE DATABASE ${NEXTCLOUD_DB_NAME};" | |||||
| check_result $? "Creating DB" | check_result $? "Creating DB" | ||||
| fi | fi | ||||
| echo "Creating User" | echo "Creating User" | ||||
| # 'IF EXISTS' for DROP USER is available from MariaDB 10.1.3 only | # 'IF EXISTS' for DROP USER is available from MariaDB 10.1.3 only | ||||
| mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "DROP USER ${NEXTCLOUD_DB_USER};" || echo "It seems it didn't exist" | |||||
| mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "CREATE USER ${NEXTCLOUD_DB_USER} IDENTIFIED BY '${NEXTCLOUD_DB_PWD}';" | |||||
| mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "DROP USER ${NEXTCLOUD_DB_USER};" || echo "It seems it didn't exist" | |||||
| mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "CREATE USER ${NEXTCLOUD_DB_USER} IDENTIFIED BY '${NEXTCLOUD_DB_PWD}';" | |||||
| check_result $? "Creating User" | check_result $? "Creating User" | ||||
| mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "GRANT ALL ON ${NEXTCLOUD_DB_NAME}.* TO ${NEXTCLOUD_DB_USER};" | |||||
| mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "GRANT ALL ON ${NEXTCLOUD_DB_NAME}.* TO ${NEXTCLOUD_DB_USER};" | |||||
| check_result $? "Granting permissions" | check_result $? "Granting permissions" | ||||
| mysql -u root -p${MYSQL_ROOT_PWD} -h ${DB_HOST} -e "FLUSH PRIVILEGES;" | |||||
| mysql -u root -p${MARIADB_ROOT_PWD} -h ${DB_HOST} -e "FLUSH PRIVILEGES;" | |||||
| check_result $? "Flushing privileges" | check_result $? "Flushing privileges" | ||||
| unset MYSQL_ROOT_PWD | |||||
| unset MARIADB_ROOT_PWD | |||||
| # DB Backup | # DB Backup | ||||
| if [ ! -z "${DB_EXISTS}" -a ! -z "${NEXTCLOUD_DB_BACKUP}" -a -f "${NEXTCLOUD_DB_BACKUP}" ]; then | if [ ! -z "${DB_EXISTS}" -a ! -z "${NEXTCLOUD_DB_BACKUP}" -a -f "${NEXTCLOUD_DB_BACKUP}" ]; then |
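Review bot: Every renamed call still passes the root password as `-p${MARIADB_ROOT_PWD}`, which puts it on the client's command line where other processes in the container can read it from the process list, and the unquoted expansion breaks on a password containing spaces or glob characters. Since the password already arrives as a file, consider writing a mode-600 client option file once and calling `mysql --defaults-extra-file="$cnf" -h "${DB_HOST}" -e ...` (`$cnf` being that temporary file), then deleting it at the point where `unset MARIADB_ROOT_PWD` is now. The new test on the secret path should also quote its operands, `[ -n "$MARIADB_ROOT_PWD_FILE" ] && [ -f "$MARIADB_ROOT_PWD_FILE" ]`. The script starts before and continues after this hunk, so `check_result` and the enclosing `if` blocks are not visible here.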
| MYSQL_ROOT_PWD_FILE=/run/secrets/admin_pwd | |||||
| MARIADB_ROOT_PWD_FILE=/run/secrets/admin_pwd |
| LDAP_SEARCH_BASE=dc=${ORGANIZATION},dc=${EXTENSION} | LDAP_SEARCH_BASE=dc=${ORGANIZATION},dc=${EXTENSION} | ||||
| # DB | # DB | ||||
| MYSQL_ROOT_PWD_FILE=/run/secrets/mysql_pwd | |||||
| MARIADB_ROOT_PWD_FILE=/run/secrets/mysql_pwd | |||||
| DB_HOST=db | DB_HOST=db | ||||
| NEXTCLOUD_DB_NAME=nextcloud | NEXTCLOUD_DB_NAME=nextcloud | ||||
| NEXTCLOUD_DB_USER=nextcloud | NEXTCLOUD_DB_USER=nextcloud |
| chmod 600 *.env | chmod 600 *.env | ||||
| # Passwords | # Passwords | ||||
| echo MYSQL_ROOT_PWD=$db_pwd >> mariadb.env | |||||
| echo MYSQL_ROOT_PWD=$db_pwd >> nextcloud.env | |||||
| echo MARIADB_ROOT_PWD=$db_pwd >> mariadb.env | |||||
| echo MARIADB_ROOT_PWD=$db_pwd >> nextcloud.env | |||||
| echo LDAP_ADMIN_PWD=$ldap_pwd >> openldap.env | echo LDAP_ADMIN_PWD=$ldap_pwd >> openldap.env | ||||
| echo LDAP_MAIL_PWD=$ldap_mail_pwd >> openldap.env | echo LDAP_MAIL_PWD=$ldap_mail_pwd >> openldap.env |
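Review bot: The added `echo MARIADB_ROOT_PWD=$db_pwd` lines write the database root password in clear into both `mariadb.env` and `nextcloud.env`, so the application container carries root credentials in its environment for its whole lifetime; an `unset` inside a script only clears that shell's copy. The env files touched by this commit already point `MARIADB_ROOT_PWD_FILE` at a file under `/run/secrets/`, so the plaintext entries look redundant and could be dropped, at least from `nextcloud.env`. If they have to stay, quote the value, `echo "MARIADB_ROOT_PWD=$db_pwd" >> mariadb.env`, so a password with spaces or wildcard characters is written intact.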