diff options
author | Mike Crute <mike@crute.us> | 2022-12-10 08:14:56 -0800 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2022-12-10 08:14:56 -0800 |
commit | 10ef51e41bfb73c5a64c79255b17c0bc98d8c8b0 (patch) | |
tree | dbecb5acee08fbda4c39009be13808a2f420aa84 | |
parent | 080b38448a441e51213983edd5c4d16d1c2858e1 (diff) | |
download | dockerfiles-10ef51e41bfb73c5a64c79255b17c0bc98d8c8b0.tar.bz2 dockerfiles-10ef51e41bfb73c5a64c79255b17c0bc98d8c8b0.tar.xz dockerfiles-10ef51e41bfb73c5a64c79255b17c0bc98d8c8b0.zip |
unifi: convert to simplevisor
-rw-r--r-- | unifi/Dockerfile | 8 | ||||
-rw-r--r-- | unifi/Makefile | 5 | ||||
-rw-r--r-- | unifi/Makefile5 | 36 | ||||
-rw-r--r-- | unifi/README.md | 50 | ||||
-rw-r--r-- | unifi/simplevisor.json | 52 | ||||
-rwxr-xr-x | unifi/unifi-setup.sh (renamed from unifi/entrypoint.sh) | 33 |
6 files changed, 70 insertions, 114 deletions
diff --git a/unifi/Dockerfile b/unifi/Dockerfile index acb471f..a04d001 100644 --- a/unifi/Dockerfile +++ b/unifi/Dockerfile | |||
@@ -1,6 +1,8 @@ | |||
1 | FROM alpine:edge | 1 | FROM alpine:edge |
2 | LABEL maintainer="Mike Crute <mike@crute.us>" | 2 | LABEL maintainer="Mike Crute <mike@crute.us>" |
3 | 3 | ||
4 | # TODO: Move all the unpacking stuff to the Makefile | ||
5 | |||
4 | ARG deb_location | 6 | ARG deb_location |
5 | ARG checksum_line | 7 | ARG checksum_line |
6 | 8 | ||
@@ -55,7 +57,9 @@ RUN set -euxo pipefail; \ | |||
55 | && apk del .build-deps \ | 57 | && apk del .build-deps \ |
56 | && rm -rf /tmp/* | 58 | && rm -rf /tmp/* |
57 | 59 | ||
58 | ADD entrypoint.sh / | 60 | ADD unifi-setup.sh / |
61 | ADD simplevisor.json / | ||
62 | ADD simplevisor / | ||
59 | 63 | ||
60 | STOPSIGNAL SIGTERM | 64 | STOPSIGNAL SIGTERM |
61 | ENTRYPOINT [ "/entrypoint.sh" ] | 65 | ENTRYPOINT [ "/simplevisor" ] |
diff --git a/unifi/Makefile b/unifi/Makefile index 83e2fc9..b1c9503 100644 --- a/unifi/Makefile +++ b/unifi/Makefile | |||
@@ -1,6 +1,7 @@ | |||
1 | VERSION=7.2.91-85c367a4aa | 1 | VERSION=7.2.91-85c367a4aa |
2 | IMAGE=docker.crute.me/unifi:$(VERSION) | 2 | VERSION_TAG=$(VERSION)-1 |
3 | LATEST=$(subst :$(VERSION),,$(IMAGE)):latest | 3 | IMAGE=docker.crute.me/unifi:$(VERSION_TAG) |
4 | LATEST=$(subst :$(VERSION_TAG),,$(IMAGE)):latest | ||
4 | 5 | ||
5 | DEB_LOCATION="https://dl.ui.com/unifi/$(VERSION)/unifi_sysvinit_all.deb" | 6 | DEB_LOCATION="https://dl.ui.com/unifi/$(VERSION)/unifi_sysvinit_all.deb" |
6 | CHECKSUM_LINE="d33e7b5a838a4c301ca545910e7119ba62bda80202259655191ced1e482cecde *unifi_sysvinit_all.deb" | 7 | CHECKSUM_LINE="d33e7b5a838a4c301ca545910e7119ba62bda80202259655191ced1e482cecde *unifi_sysvinit_all.deb" |
diff --git a/unifi/Makefile5 b/unifi/Makefile5 deleted file mode 100644 index 7c2c212..0000000 --- a/unifi/Makefile5 +++ /dev/null | |||
@@ -1,36 +0,0 @@ | |||
1 | VERSION=5.14.23 | ||
2 | IMAGE=docker.crute.me/unifi:$(VERSION) | ||
3 | LATEST=$(subst :$(VERSION),,$(IMAGE)):latest | ||
4 | |||
5 | DEB_LOCATION="https://dl.ui.com/unifi/$(VERSION)/unifi_sysvinit_all.deb" | ||
6 | CHECKSUM_LINE="fb12d448828656523978be9f594f2ce3fb35d524bc80d2c150e58f2a7d0159a9 *unifi_sysvinit_all.deb" | ||
7 | |||
8 | all: | ||
9 | docker pull alpine:latest | ||
10 | docker build \ | ||
11 | --no-cache \ | ||
12 | --build-arg=deb_location=$(DEB_LOCATION) \ | ||
13 | --build-arg=checksum_line=$(CHECKSUM_LINE) \ | ||
14 | -t $(IMAGE) . | ||
15 | |||
16 | all-no-cache: | ||
17 | docker build \ | ||
18 | --no-cache \ | ||
19 | --build-arg=deb_location=$(DEB_LOCATION) \ | ||
20 | --build-arg=checksum_line=$(CHECKSUM_LINE) \ | ||
21 | -t $(IMAGE) . | ||
22 | |||
23 | run: | ||
24 | docker run -d \ | ||
25 | -e UNIFI_UID=1001 \ | ||
26 | -e UNIFI_GID=1001 \ | ||
27 | -p 8080:8080 \ | ||
28 | -p 8443:8443 \ | ||
29 | $(IMAGE) | ||
30 | |||
31 | publish: | ||
32 | docker push $(IMAGE) | ||
33 | |||
34 | publish-prod: | ||
35 | docker tag $(IMAGE) $(LATEST) | ||
36 | docker push $(LATEST) | ||
diff --git a/unifi/README.md b/unifi/README.md deleted file mode 100644 index c1566b2..0000000 --- a/unifi/README.md +++ /dev/null | |||
@@ -1,50 +0,0 @@ | |||
1 | [(Dockerfile)]: https://code.crute.me/mcrute/dockerfiles/tree/unifi/Dockerfile | ||
2 | [Changelog]: https://community.ubnt.com/t5/UniFi-Updates-Blog/UniFi-5-6-20-Stable-has-been-released/ba-p/2119397?attachment-id=85425 | ||
3 | |||
4 | # Supported tags and respective `Dockerfile` links | ||
5 | |||
6 | * `5.6.20`, `stable` [(Dockerfile)][] [Changelog][] | ||
7 | |||
8 | |||
9 | [![unifi](https://dl.ubnt.com/press/logo-UniFi.jpg)](https://unifi-sdn.ubnt.com/) | ||
10 | |||
11 | # Ubiquiti Unifi SDN Controller | ||
12 | |||
13 | The UniFi Controller software is a powerful, enterprise wireless software engine ideal for high-density client deployments requiring low latency and high uptime performance. This unofficial image is a minimalist re-packaging of the upstream binaries into an Alpine Linux based container. The image has been adapted to better fit the Docker tooling by logging everything to stdout and running with reduced privileges. | ||
14 | |||
15 | ## Usage | ||
16 | At a minimum users should mount a data volume over `/var/lib/unifi` for storage of their databases and downloaded firmware. | ||
17 | |||
18 | A minimal run command would be: | ||
19 | |||
20 | ``` | ||
21 | docker run \ | ||
22 | -v /your-unifi-path:/var/lib/unifi \ | ||
23 | -p 8080:8080 \ | ||
24 | -p 8443:8443 \ | ||
25 | mcrute/unifi-controller:stable | ||
26 | ``` | ||
27 | |||
28 | After bootstrap the controller will run as the `unifi` user within the container. It is possible to map the unifi user id and group id within the container to a custom uid/gid using the `UNIFI_UID` and `UNIFI_GID` environment variables. The default is uid 101 and gid 102. | ||
29 | |||
30 | An example of this: | ||
31 | |||
32 | ``` | ||
33 | docker run \ | ||
34 | -v /your-unifi-path:/var/lib/unifi \ | ||
35 | -e UNIFI_UID=201 \ | ||
36 | -e UNIFI_GID=302 \ | ||
37 | -p 8080:8080 \ | ||
38 | -p 8443:8443 \ | ||
39 | mcrute/unifi-controller:stable | ||
40 | ``` | ||
41 | |||
42 | ## License | ||
43 | View [license information](https://www.ubnt.com/eula/) for the software contained in this image. | ||
44 | |||
45 | As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). | ||
46 | |||
47 | As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within. | ||
48 | |||
49 | ## Used Software | ||
50 | This container builds on [Alpine Linux](http://alpinelinux.org/) and uses [su-exec](https://github.com/ncopa/su-exec) for privilege separation. | ||
diff --git a/unifi/simplevisor.json b/unifi/simplevisor.json new file mode 100644 index 0000000..0d8ed76 --- /dev/null +++ b/unifi/simplevisor.json | |||
@@ -0,0 +1,52 @@ | |||
1 | { | ||
2 | "env": { | ||
3 | "pass": [ | ||
4 | "PATH", | ||
5 | "HOSTNAME", | ||
6 | "SHLVL", | ||
7 | "HOME", | ||
8 | "PWD", | ||
9 | |||
10 | "UNIFI_UID", | ||
11 | "UNIFI_GID", | ||
12 | |||
13 | "MONGO_URL", | ||
14 | "MONGO_STATS_URL" | ||
15 | ], | ||
16 | "vault-replace": [ | ||
17 | "MONGO_USER", | ||
18 | "MONGO_PASSWORD" | ||
19 | ], | ||
20 | "vault-template": [ | ||
21 | "MONGO_URL", | ||
22 | "MONGO_STATS_URL" | ||
23 | ] | ||
24 | }, | ||
25 | "jobs": { | ||
26 | "init": [ | ||
27 | { | ||
28 | "cmd": ["/unifi-setup.sh"], | ||
29 | "run-as": "root" | ||
30 | } | ||
31 | ], | ||
32 | "main": [ | ||
33 | { | ||
34 | "cmd": [ | ||
35 | "/usr/lib/jvm/default-jvm/bin/java", | ||
36 | "-cp", "/usr/lib/unifi/lib/ace.jar", | ||
37 | "-Dlog4j.configuration=file:/usr/lib/unifi/log4j.properties", | ||
38 | "-Dlog4j2.formatMsgNoLookups=true", | ||
39 | "-Dunifi.datadir=/usr/lib/unifi/data", | ||
40 | "-Dunifi.logdir=/usr/lib/unifi/logs", | ||
41 | "-Dunifi.rundir=/usr/lib/unifi/run", | ||
42 | "-Xmx1024M", | ||
43 | "-Djava.awt.headless=true", | ||
44 | "-Dorg.xerial.snappy.use.systemlib=true", | ||
45 | "-Dfile.encoding=UTF-8", | ||
46 | "com.ubnt.ace.Launcher", "start" | ||
47 | ], | ||
48 | "run-as": "unifi" | ||
49 | } | ||
50 | ] | ||
51 | } | ||
52 | } | ||
diff --git a/unifi/entrypoint.sh b/unifi/unifi-setup.sh index 506c20f..30defdc 100755 --- a/unifi/entrypoint.sh +++ b/unifi/unifi-setup.sh | |||
@@ -56,27 +56,12 @@ if [ -z "$START_DEFAULT" ]; then | |||
56 | echo "is_default=false" >> /var/lib/unifi/system.properties | 56 | echo "is_default=false" >> /var/lib/unifi/system.properties |
57 | fi | 57 | fi |
58 | 58 | ||
59 | # Allow running a shell in the container | 59 | # Replace the current process with a scoped-down controller. The java app |
60 | if [ ! -z "$@" ]; then | 60 | # is designed to do its own job control but it has to run with an init |
61 | /sbin/su-exec ${USERNAME} "$@" | 61 | # system or it doesn't get the signals from docker. |
62 | else | 62 | # |
63 | # Replace the current process with a scoped-down controller. The java app | 63 | # Use the snappy native library installed with apk because the bundled on |
64 | # is designed to do its own job control but it has to run with an init | 64 | # is built against libc which is not available in Alpine. Without this |
65 | # system or it doesn't get the signals from docker. | 65 | # inform will fail with a decompression library error. |
66 | # | 66 | |
67 | # Use the snappy native library installed with apk because the bundled on | 67 | # NOTE: This has been migrated to simplevisor.json |
68 | # is built against libc which is not available in Alpine. Without this | ||
69 | # inform will fail with a decompression library error. | ||
70 | exec /usr/bin/dumb-init -c /sbin/su-exec ${USERNAME} /usr/lib/jvm/default-jvm/bin/java \ | ||
71 | -cp ${BASEDIR}/lib/ace.jar \ | ||
72 | -Dlog4j.configuration=file:${BASEDIR}/log4j.properties \ | ||
73 | -Dlog4j2.formatMsgNoLookups=true \ | ||
74 | -Dunifi.datadir=${BASEDIR}/data \ | ||
75 | -Dunifi.logdir=${BASEDIR}/logs \ | ||
76 | -Dunifi.rundir=${BASEDIR}/run \ | ||
77 | -Xmx1024M \ | ||
78 | -Djava.awt.headless=true \ | ||
79 | -Dorg.xerial.snappy.use.systemlib=true \ | ||
80 | -Dfile.encoding=UTF-8 \ | ||
81 | com.ubnt.ace.Launcher start | ||
82 | fi | ||