From 76f6812a7d0060c94f518b08adb8325f311ef87c Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Mon, 3 Jul 2023 22:46:41 +0000
Subject: [PATCH 01/12] add ssl compatibility

---
 Dockerfile               |  3 ++-
 root/cronicle-prepare.sh | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 02f7328..42531fb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,7 +23,7 @@ ENV TZ=UTC
 ENV LOG_LEVEL=9
 
 #Get required packages
-RUN apk update && apk add tzdata curl shadow bash xz git procps nodejs npm nano
+RUN apk update && apk add tzdata curl shadow bash xz git procps nodejs npm nano openssl
 
 #Make folders
 RUN mkdir /config && \
@@ -57,5 +57,6 @@ RUN chmod +x /cronicle-prepare.sh && \
     chown -R ${PUID}:${PGID} /app /config
 
 EXPOSE 3012
+EXPOSE 3013
 
 ENTRYPOINT [ "/init" ]
\ No newline at end of file
diff --git a/root/cronicle-prepare.sh b/root/cronicle-prepare.sh
index 699fae4..451d9b3 100644
--- a/root/cronicle-prepare.sh
+++ b/root/cronicle-prepare.sh
@@ -28,9 +28,11 @@ fi
 
 if [ ! -d /config/cronicle ]
 then
+
     echo "Directory /config/cronicle not found. Creating."
 
     mkdir /config/cronicle
+
 fi
 
 #Detecting what mode Cronicle should be started in
@@ -48,15 +50,27 @@ then
         cp -r /app/cronicle/conf /config/cronicle/conf
         rm -rf /app/cronicle/conf
         ln -s /config/cronicle/conf /app/cronicle/conf
+
     else
 
         echo "Config dir already exists. Doesn't need creating."
         echo "Linking persistent config dir back into Cronicle."
+
         rm -rf /app/cronicle/conf
         ln -s /config/cronicle/conf /app/cronicle/conf
 
     fi
 
+    if [ ! -f /config/cronicle/conf/ssl.crt ] || [ ! -f /config/cronicle/conf/ssl.key ]
+    then
+
+        echo "One or both SSL components are missing. Generating."
+
+        rm -f /config/cronicle/conf/ssl.crt /config/cronicle/conf/ssl.key
+        openssl req -x509 -newkey rsa:4096 -keyout /config/cronicle/conf/ssl.key -out /config/cronicle/conf/ssl.crt -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
+
+    fi
+    
     if [ ! -f /config/cronicle/data/.setup_done ]
     then
 
@@ -88,6 +102,8 @@ then
     then
 
         echo "No config found. Copy config.json from the manager server and place it in /config/cronicle/conf dir."
+        echo "Don't forget to also copy the SSL certs if you're using SSL."
+
         mkdir -p /config/cronicle/conf
         exit 0
 
@@ -114,10 +130,12 @@ then
     cp -r /app/cronicle/logs /config/cronicle/logs
     rm -rf /app/cronicle/logs
     ln -s /config/cronicle/logs /app/cronicle/logs
+
 else
 
     echo "Logs dir already exists. Doesn't need creating."
     echo "Linking persistent logs dir back into Cronicle."
+    
     rm -rf /app/cronicle/logs
     ln -s /config/cronicle/logs /app/cronicle/logs
 

From b2a81470273572bdda4e352c322047b59f7a69a8 Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Sat, 8 Jul 2023 16:11:55 +0000
Subject: [PATCH 02/12] tidy up more files

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 42531fb..6a5dfd1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -44,7 +44,7 @@ RUN mkdir /app/cronicle && \
     cd /app/cronicle && \
     wget https://github.com/cronicle-edge/cronicle-edge/archive/refs/tags/v${CRONICLE_EDGE_VERSION}.tar.gz && \
     tar -xf v${CRONICLE_EDGE_VERSION}.tar.gz --strip-components 1 && \
-    rm -rf Docker* .gitignore Readme.md .vscode && \
+    rm -rf Docker* .gitignore Readme.md .vscode sample_conf/examples/backup sample_conf/examples/docker.sh && \
     rm -rf v${CRONICLE_EDGE_VERSION}.tar.gz
 
 WORKDIR /app/cronicle

From a5bb8181202eb507029525b16efb0cbd59d5bb0d Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Sat, 8 Jul 2023 16:12:13 +0000
Subject: [PATCH 03/12] change linking of config in worker mode

---
 root/cronicle-prepare.sh | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/root/cronicle-prepare.sh b/root/cronicle-prepare.sh
index 451d9b3..c3eab89 100644
--- a/root/cronicle-prepare.sh
+++ b/root/cronicle-prepare.sh
@@ -98,26 +98,34 @@ then
 
     echo "Cronicle is running in 'worker' mode."
 
+    #Copying config directory to /config/cronicle/conf if not already there, then linking back into Cronicle
     if [ ! -f /config/cronicle/conf/config.json ]
     then
 
         echo "No config found. Copy config.json from the manager server and place it in /config/cronicle/conf dir."
-        echo "Don't forget to also copy the SSL certs if you're using SSL."
-
-        mkdir -p /config/cronicle/conf
-        exit 0
+        cp -r /app/cronicle/conf /config/cronicle/conf
+        rm -rf /config/cronicle/conf/config.json
+        rm -rf /app/cronicle/conf
+        ln -s /config/cronicle/conf /app/cronicle/conf
+        echo ''
+        echo ''
+        echo '*************************************'
+        exit 1
 
     else
 
-        #Removing default config.json and linking provided one back into Cronicle
-        rm -rf /app/cronicle/conf/config.json
-        ln -s /config/cronicle/conf/config.json /app/cronicle/conf/config.json
+        echo "Config is present."
+        echo "Linking persistent config dir back into Cronicle."
+
+        rm -rf /app/cronicle/conf
+        ln -s /config/cronicle/conf /app/cronicle/conf
 
     fi
 
 else
 
-    echo "'$MODE' is not a recognised appion for the MODE environment variable. Accepted appions are 'manager' and 'worker'."
+    echo "'$MODE' is not a recognised appion for the MODE environment variable. Accepted options are 'manager' and 'worker'."
+    exit 1
 
 fi
 

From 1f21d711caf79d3391b7a2f2229cee4603926022 Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Sat, 8 Jul 2023 16:29:40 +0000
Subject: [PATCH 04/12] add ca-certificates package

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 6a5dfd1..d63f5df 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,7 +23,7 @@ ENV TZ=UTC
 ENV LOG_LEVEL=9
 
 #Get required packages
-RUN apk update && apk add tzdata curl shadow bash xz git procps nodejs npm nano openssl
+RUN apk update && apk add tzdata curl shadow bash xz git procps nodejs npm nano openssl ca-certificates
 
 #Make folders
 RUN mkdir /config && \

From 24c9e13e723c066d23ec9f2f93f607793fbbd32c Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Sat, 8 Jul 2023 19:29:04 +0000
Subject: [PATCH 05/12] remove sample config keys

---
 Dockerfile | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index d63f5df..1c96f1f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,7 +23,7 @@ ENV TZ=UTC
 ENV LOG_LEVEL=9
 
 #Get required packages
-RUN apk update && apk add tzdata curl shadow bash xz git procps nodejs npm nano openssl ca-certificates
+RUN apk update && apk add --no-cache tzdata curl shadow bash xz git procps nodejs npm nano openssl ca-certificates
 
 #Make folders
 RUN mkdir /config && \
@@ -39,13 +39,18 @@ RUN curl -fsSL "https://github.com/just-containers/s6-overlay/releases/download/
     curl -fsSL "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz" | tar Jpxf - -C /
 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2 S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 S6_VERBOSITY=1
 
-#Install Cronicle
-RUN mkdir /app/cronicle && \
+#Install Cronicle & tidy up things I don't want
+RUN apk add --no-cache --virtual .jq jq && \
+    mkdir /app/cronicle && \
     cd /app/cronicle && \
     wget https://github.com/cronicle-edge/cronicle-edge/archive/refs/tags/v${CRONICLE_EDGE_VERSION}.tar.gz && \
     tar -xf v${CRONICLE_EDGE_VERSION}.tar.gz --strip-components 1 && \
     rm -rf Docker* .gitignore Readme.md .vscode sample_conf/examples/backup sample_conf/examples/docker.sh && \
-    rm -rf v${CRONICLE_EDGE_VERSION}.tar.gz
+    jq 'del(.storage[] | select(contains(["global/conf_keys"])))' sample_conf/setup.json >> sample_conf/setup-new.json && \
+    rm sample_conf/setup.json && \
+    mv sample_conf/setup-new.json sample_conf/setup.json && \
+    rm -rf v${CRONICLE_EDGE_VERSION}.tar.gz && \
+    apk del .jq
 
 WORKDIR /app/cronicle
 RUN npm install && \

From 156e0afe5ca3dacdfcd6f07a20b45749d6ebe3d5 Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Sun, 16 Jul 2023 16:55:34 +0000
Subject: [PATCH 06/12] run init scripts as root

---
 README.md              |  2 ++
 root/container-init.sh | 13 +++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/README.md b/README.md
index e5d0041..b74d41a 100644
--- a/README.md
+++ b/README.md
@@ -92,6 +92,8 @@ services:
 
 This container automatically checks for scripts in `/config/init` and runs them at startup. This could be useful if you need to install additional applications into a worker container so it can execute jobs.
 
+Note that any scripts will be run as `root` before permissions are altered in `/app` and `/config`. Anything that an init script does in either of these folders will be owned by `cronicle` when the container continues.
+
 ## Reverse Proxying
 
 For a single manager behind a reverse proxy, you may need to specify a specific route for the web-socket connections.
diff --git a/root/container-init.sh b/root/container-init.sh
index ce9909a..40ceb73 100644
--- a/root/container-init.sh
+++ b/root/container-init.sh
@@ -39,6 +39,19 @@ else
     exit 1
 fi
 
+#Importing and running additional scripts placed in /config/init
+if [ -d /config/init ]; then
+	if [ "$(ls -A /config/init)" ]; then
+        echo "Running additional startup scripts."
+        bash /config/init/*
+    else
+        echo "/config/init is empty - no additional startup scripts detected."
+    fi
+else
+	echo "Directory /config/init not found. Creating."
+    mkdir /config/init
+fi
+
 echo "Checking permissions in /config and /app."
 
 if [ ! "$(stat -c %u /app)" -eq "${PUID}" ] || [ ! "$(stat -c %g /app)" -eq "${PGID}" ]

From ec1a1d9383b6314ec4f5179a3fe00afa25f4c3a7 Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Sun, 16 Jul 2023 16:56:46 +0000
Subject: [PATCH 07/12] remove init scripts from cronicle-prepare.sh

---
 root/cronicle-prepare.sh | 23 -----------------------
 1 file changed, 23 deletions(-)

diff --git a/root/cronicle-prepare.sh b/root/cronicle-prepare.sh
index c3eab89..488f63e 100644
--- a/root/cronicle-prepare.sh
+++ b/root/cronicle-prepare.sh
@@ -3,29 +3,6 @@
 
 echo "Preparing Cronicle"
 
-#Importing and running additional scripts placed in /config/init
-if [ -d /config/init ]
-then
-	if [ "$(ls -A /config/init)" ]
-    then
-
-        echo "Running additional startup scripts."
-
-        bash /config/init/*
-	
-    else
-        
-        echo "/config/init is empty - no additional startup scripts detected."
-	
-    fi
-else
-
-	echo "Directory /config/init not found. Creating."
-
-    mkdir /config/init
-
-fi
-
 if [ ! -d /config/cronicle ]
 then
 

From 3069d5c7f958e008c06479f899031064912d8516 Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Thu, 20 Jul 2023 11:39:23 +0000
Subject: [PATCH 08/12] fix /config/init permissions

---
 root/container-init.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/container-init.sh b/root/container-init.sh
index 40ceb73..d498a42 100644
--- a/root/container-init.sh
+++ b/root/container-init.sh
@@ -49,7 +49,7 @@ if [ -d /config/init ]; then
     fi
 else
 	echo "Directory /config/init not found. Creating."
-    mkdir /config/init
+    mkdir /config/init & chown -R cronicle:cronicle /config/init
 fi
 
 echo "Checking permissions in /config and /app."

From 126746669a83e52d7c51c952cd5d92322a7d2df4 Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Fri, 21 Jul 2023 10:11:17 +0000
Subject: [PATCH 09/12] fix not running multiple scripts in /config/init

---
 root/container-init.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/root/container-init.sh b/root/container-init.sh
index d498a42..934e8b4 100644
--- a/root/container-init.sh
+++ b/root/container-init.sh
@@ -43,7 +43,9 @@ fi
 if [ -d /config/init ]; then
 	if [ "$(ls -A /config/init)" ]; then
         echo "Running additional startup scripts."
-        bash /config/init/*
+        for f in /config/init/*.sh; do
+            bash "$f" 
+        done
     else
         echo "/config/init is empty - no additional startup scripts detected."
     fi

From bc5c00e1da0b54437de92322f6989f180e7aa96c Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Fri, 21 Jul 2023 10:44:01 +0000
Subject: [PATCH 10/12] fix init folder permissions on creation

---
 root/container-init.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/root/container-init.sh b/root/container-init.sh
index 934e8b4..c603860 100644
--- a/root/container-init.sh
+++ b/root/container-init.sh
@@ -51,7 +51,7 @@ if [ -d /config/init ]; then
     fi
 else
 	echo "Directory /config/init not found. Creating."
-    mkdir /config/init & chown -R cronicle:cronicle /config/init
+    mkdir /config/init && chown -R cronicle:cronicle /config/init
 fi
 
 echo "Checking permissions in /config and /app."

From 8803076ab544e99fcd5b1b3c64467b73d79bc49b Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Fri, 21 Jul 2023 10:50:05 +0000
Subject: [PATCH 11/12] better permission detection

---
 root/container-init.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/root/container-init.sh b/root/container-init.sh
index c603860..5516571 100644
--- a/root/container-init.sh
+++ b/root/container-init.sh
@@ -56,13 +56,13 @@ fi
 
 echo "Checking permissions in /config and /app."
 
-if [ ! "$(stat -c %u /app)" -eq "${PUID}" ] || [ ! "$(stat -c %g /app)" -eq "${PGID}" ]
+if [ -n "$(find /app \! -user ${PUID})" ] || [ -n "$(find /app \! -group ${PGID})" ]
 then
     echo "Fixing permissions for /app (this can take some time)."
     chown -R cronicle:cronicle /app
 fi
 
-if [ ! "$(stat -c %u /config)" -eq "${PUID}" ] || [ ! "$(stat -c %g /config)" -eq "${PGID}" ]
+if [ -n "$(find /config \! -user ${PUID})" ] || [ -n "$(find /config \! -group ${PGID})" ]
 then
     echo "Fixing permissions for /config (this can take some time)."
     chown -R cronicle:cronicle /config

From 90aaf388cb8a76ed6bdfd6b08132a1e5aa01194c Mon Sep 17 00:00:00 2001
From: MrMeeb <mrmeeb@noreply.git.mrmeeb.stream>
Date: Fri, 21 Jul 2023 10:50:30 +0000
Subject: [PATCH 12/12] tweak worker first run config logic

---
 root/cronicle-prepare.sh | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/root/cronicle-prepare.sh b/root/cronicle-prepare.sh
index 488f63e..09eb0d8 100644
--- a/root/cronicle-prepare.sh
+++ b/root/cronicle-prepare.sh
@@ -80,10 +80,8 @@ then
     then
 
         echo "No config found. Copy config.json from the manager server and place it in /config/cronicle/conf dir."
-        cp -r /app/cronicle/conf /config/cronicle/conf
+        cp -R /app/cronicle/conf /config/cronicle/conf
         rm -rf /config/cronicle/conf/config.json
-        rm -rf /app/cronicle/conf
-        ln -s /config/cronicle/conf /app/cronicle/conf
         echo ''
         echo ''
         echo '*************************************'