Merge pull request '1.0.5' (#11) from develop into main

Reviewed-on: #11

.drone.yml

@@ -1,12 +1,11 @@
 kind: pipeline
 type: docker
-name: build-main-images
+name: build-release-images
 trigger:
   event:
     exclude:
     - pull_request
   ref:
-    - refs/heads/main
     - refs/tags/**
 
 platform:
@@ -19,36 +18,16 @@ steps:
   image: docker:git
   commands:
     - git fetch --tags
-  when:
-    ref:
-      - refs/tags/**
   depends_on:
     - clone
 
-  # Set tags for main branch
 - name: make-tags
-  image: node
-  commands:
-    - echo -n "${DRONE_COMMIT_SHA:0:8}, latest" > .tags
-  when:
-    ref:
-      - refs/heads/main
-  depends_on:
-    - get-tags
-    - clone
-
-- name: make-tags-release
   image: node
   commands:
     - echo -n "${DRONE_TAG}, latest" > .tags
-  when:
-    ref:
-      - refs/tags/**
   depends_on:
     - get-tags
-    - clone
 
-  # Build containers from main branch
 - name: build-gitea
   image: thegeeklab/drone-docker-buildx
   privileged: true
@@ -65,7 +44,6 @@ steps:
       - linux/amd64
   depends_on:
     - make-tags
-    - make-tags-release
 
 - name: build-github
   image: thegeeklab/drone-docker-buildx
@@ -83,7 +61,6 @@ steps:
       - linux/amd64
   depends_on:
     - make-tags
-    - make-tags-release
 
 - name: release-gitea
   image: goreleaser/goreleaser
@@ -92,9 +69,6 @@ steps:
       from_secret: gitea_token
   commands:
     - goreleaser release -f .goreleaser-gitea.yaml
-  when:
-    ref:
-      - refs/tags/**
   depends_on:
     - build-gitea
 
@@ -105,9 +79,6 @@ steps:
       from_secret: github_token
   commands:
     - goreleaser release -f .goreleaser-github.yaml
-  when:
-    ref:
-      - refs/tags/**
   depends_on:
     - build-github
 
@@ -123,6 +94,78 @@ steps:
   depends_on:
     - release-gitea
     - release-github
+
+---
+kind: pipeline
+type: docker
+name: build-main-images
+trigger:
+  event:
+    exclude:
+    - pull_request
+  ref:
+    - refs/heads/main
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+
+- name: make-tags
+  image: node
+  commands:
+    - echo -n "${DRONE_COMMIT_SHA:0:8}, latest" > .tags
+  when:
+    ref:
+      - refs/heads/main
+  depends_on:
+    - clone
+
+- name: build-gitea
+  image: thegeeklab/drone-docker-buildx
+  privileged: true
+  settings:
+    provenance: false
+    registry: git.mrmeeb.stream
+    username: 
+      from_secret: docker_username
+    password: 
+      from_secret: docker_password
+    repo: git.mrmeeb.stream/mrmeeb/cronicle
+    platforms:
+      - linux/arm64
+      - linux/amd64
+  depends_on:
+    - make-tags
+
+- name: build-github
+  image: thegeeklab/drone-docker-buildx
+  privileged: true
+  settings:
+    provenance: false
+    registry: ghcr.io
+    username: 
+      from_secret: docker_username
+    password: 
+      from_secret: github_token
+    repo: ghcr.io/mrmeeb/cronicle
+    platforms:
+      - linux/arm64
+      - linux/amd64
+  depends_on:
+    - make-tags
+
+- name: notify
+  image: plugins/slack
+  when:
+    status:
+    - success
+    - failure
+  settings:
+    webhook: 
+      from_secret: slack_webhook
+  depends_on:
     - build-github
     - build-gitea
 

Dockerfile

@@ -10,7 +10,7 @@ ENV S6_OVERLAY_ARCH=aarch64
 FROM base-${TARGETARCH}${TARGETVARIANT}
 
 ARG S6_OVERLAY_VERSION=3.1.5.0
-ARG CRONICLE_EDGE_VERSION=1.6.2
+ARG CRONICLE_EDGE_VERSION=.1.6.3
 
 ENV CRONICLE_foreground=1
 ENV CRONICLE_echo=1
@@ -23,7 +23,7 @@ ENV TZ=UTC
 ENV LOG_LEVEL=9
 
 #Get required packages
-RUN apk update && apk add tzdata curl shadow bash xz git procps nodejs npm nano
+RUN apk update && apk add --no-cache tzdata curl shadow bash xz git procps nodejs npm nano openssl ca-certificates
 
 #Make folders
 RUN mkdir /config && \
@@ -39,13 +39,18 @@ RUN curl -fsSL "https://github.com/just-containers/s6-overlay/releases/download/
     curl -fsSL "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz" | tar Jpxf - -C /
 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2 S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 S6_VERBOSITY=1
 
-#Install Cronicle
+#Install Cronicle & tidy up things I don't want
-RUN mkdir /app/cronicle && \
+RUN apk add --no-cache --virtual .jq jq && \
+    mkdir /app/cronicle && \
     cd /app/cronicle && \
     wget https://github.com/cronicle-edge/cronicle-edge/archive/refs/tags/v${CRONICLE_EDGE_VERSION}.tar.gz && \
     tar -xf v${CRONICLE_EDGE_VERSION}.tar.gz --strip-components 1 && \
-    rm -rf Docker* .gitignore Readme.md .vscode && \
+    rm -rf Docker* .gitignore Readme.md .vscode sample_conf/examples/backup sample_conf/examples/docker.sh && \
-    rm -rf v${CRONICLE_EDGE_VERSION}.tar.gz
+    jq 'del(.storage[] | select(contains(["global/conf_keys"])))' sample_conf/setup.json >> sample_conf/setup-new.json && \
+    rm sample_conf/setup.json && \
+    mv sample_conf/setup-new.json sample_conf/setup.json && \
+    rm -rf v${CRONICLE_EDGE_VERSION}.tar.gz && \
+    apk del .jq
 
 WORKDIR /app/cronicle
 RUN npm install && \
@@ -57,5 +62,6 @@ RUN chmod +x /cronicle-prepare.sh && \
     chown -R ${PUID}:${PGID} /app /config
 
 EXPOSE 3012
+EXPOSE 3013
 
 ENTRYPOINT [ "/init" ]

README.md

@@ -92,6 +92,37 @@ services:
 
 This container automatically checks for scripts in `/config/init` and runs them at startup. This could be useful if you need to install additional applications into a worker container so it can execute jobs.
 
+Note that any scripts will be run as `root` before permissions are altered in `/app` and `/config`. Anything that an init script does in either of these folders will be owned by `cronicle` when the container continues.
+
+## Reverse Proxying
+
+For a single manager behind a reverse proxy, you may need to specify a specific route for the web-socket connections.
+
+An example using nginx: 
+
+```  
+  location /socket.io/ {
+        client_max_body_size                    2048m;
+        proxy_read_timeout                      86400s;
+        proxy_send_timeout                      86400s;
+        proxy_set_header                        X-Forwarded-Host $host;
+        proxy_set_header                        X-Forwarded-Server $host;
+        proxy_set_header                        X-Real-IP $remote_addr;
+        proxy_set_header                        Host $host;
+        proxy_set_header                        X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_http_version                      1.1;
+        proxy_redirect                          off;
+        proxy_set_header                        Upgrade $http_upgrade;
+        proxy_set_header                        Connection "upgrade"; 
+
+    proxy_pass          http://localhost:3012/socket.io/;
+  }
+  ```
+
+Source: https://github.com/jhuckaby/Cronicle/issues/535
+
+Load-balancing between multiple managers, as described [here](https://github.com/jhuckaby/Cronicle/blob/master/docs/Setup.md#load-balancers), has not been tested, and could behave strangely due to docker DNS.
+
 ## Ports
 
 |Port |Description|

root/container-init.sh

@@ -39,16 +39,31 @@ else
     exit 1
 fi
 
-echo "Checking permissions in /config and /app."
+#Importing and running additional scripts placed in /config/init
-
+if [ -d /config/init ]; then
-if [ ! "$(stat -c %u /app)" -eq "${PUID}" ] || [ ! "$(stat -c %g /app)" -eq "${PGID}" ]
+	if [ "$(ls -A /config/init)" ]; then
-then
+        echo "Running additional startup scripts."
-    echo "Fixing permissions for /app (this can take some time)."
+        for f in /config/init/*.sh; do
-    chown -R cronicle:cronicle /app
+            bash "$f" 
+        done
+    else
+        echo "/config/init is empty - no additional startup scripts detected."
+    fi
+else
+	echo "Directory /config/init not found. Creating."
+    mkdir /config/init && chown -R cronicle:cronicle /config/init
 fi
 
-if [ ! "$(stat -c %u /config)" -eq "${PUID}" ] || [ ! "$(stat -c %g /config)" -eq "${PGID}" ]
+echo "Checking permissions in /config and /app."
+
+if [ -n "$(find /app \! -user ${PUID})" ] || [ -n "$(find /app \! -group ${PGID})" ]
+then
+    echo "Fixing permissions for /app (this can take some time)."
+    chown -R cronicle:cronicle /app || true
+fi
+
+if [ -n "$(find /config \! -user ${PUID})" ] || [ -n "$(find /config \! -group ${PGID})" ]
 then
     echo "Fixing permissions for /config (this can take some time)."
-    chown -R cronicle:cronicle /config
+    chown -R cronicle:cronicle /config || true
 fi

root/cronicle-prepare.sh

@@ -3,34 +3,13 @@
 
 echo "Preparing Cronicle"
 
-#Importing and running additional scripts placed in /config/init
-if [ -d /config/init ]
-then
-	if [ "$(ls -A /config/init)" ]
-    then
-
-        echo "Running additional startup scripts."
-
-        bash /config/init/*
-	
-    else
-        
-        echo "/config/init is empty - no additional startup scripts detected."
-	
-    fi
-else
-
-	echo "Directory /config/init not found. Creating."
-
-    mkdir /config/init
-
-fi
-
 if [ ! -d /config/cronicle ]
 then
+
     echo "Directory /config/cronicle not found. Creating."
 
     mkdir /config/cronicle
+
 fi
 
 #Detecting what mode Cronicle should be started in
@@ -48,15 +27,27 @@ then
         cp -r /app/cronicle/conf /config/cronicle/conf
         rm -rf /app/cronicle/conf
         ln -s /config/cronicle/conf /app/cronicle/conf
+
     else
 
         echo "Config dir already exists. Doesn't need creating."
         echo "Linking persistent config dir back into Cronicle."
+
         rm -rf /app/cronicle/conf
         ln -s /config/cronicle/conf /app/cronicle/conf
 
     fi
 
+    if [ ! -f /config/cronicle/conf/ssl.crt ] || [ ! -f /config/cronicle/conf/ssl.key ]
+    then
+
+        echo "One or both SSL components are missing. Generating."
+
+        rm -f /config/cronicle/conf/ssl.crt /config/cronicle/conf/ssl.key
+        openssl req -x509 -newkey rsa:4096 -keyout /config/cronicle/conf/ssl.key -out /config/cronicle/conf/ssl.crt -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
+
+    fi
+    
     if [ ! -f /config/cronicle/data/.setup_done ]
     then
 
@@ -84,24 +75,32 @@ then
 
     echo "Cronicle is running in 'worker' mode."
 
+    #Copying config directory to /config/cronicle/conf if not already there, then linking back into Cronicle
     if [ ! -f /config/cronicle/conf/config.json ]
     then
 
         echo "No config found. Copy config.json from the manager server and place it in /config/cronicle/conf dir."
-        mkdir -p /config/cronicle/conf
+        cp -R /app/cronicle/conf /config/cronicle/conf
-        exit 0
+        rm -rf /config/cronicle/conf/config.json
+        echo ''
+        echo ''
+        echo '*************************************'
+        exit 1
 
     else
 
-        #Removing default config.json and linking provided one back into Cronicle
+        echo "Config is present."
-        rm -rf /app/cronicle/conf/config.json
+        echo "Linking persistent config dir back into Cronicle."
-        ln -s /config/cronicle/conf/config.json /app/cronicle/conf/config.json
+
+        rm -rf /app/cronicle/conf
+        ln -s /config/cronicle/conf /app/cronicle/conf
 
     fi
 
 else
 
-    echo "'$MODE' is not a recognised appion for the MODE environment variable. Accepted appions are 'manager' and 'worker'."
+    echo "'$MODE' is not a recognised appion for the MODE environment variable. Accepted options are 'manager' and 'worker'."
+    exit 1
 
 fi
 
@@ -114,10 +113,12 @@ then
     cp -r /app/cronicle/logs /config/cronicle/logs
     rm -rf /app/cronicle/logs
     ln -s /config/cronicle/logs /app/cronicle/logs
+
 else
 
     echo "Logs dir already exists. Doesn't need creating."
     echo "Linking persistent logs dir back into Cronicle."
+    
     rm -rf /app/cronicle/logs
     ln -s /config/cronicle/logs /app/cronicle/logs