Version 3 starter

docker/rootfs/etc/cont-init.d/.gitignore

@@ -1,3 +0,0 @@
-*
-!.gitignore
-!*.sh

docker/rootfs/etc/cont-init.d/01_s6-secret-init.sh

@@ -1,29 +0,0 @@
-#!/usr/bin/with-contenv bash
-# ref: https://github.com/linuxserver/docker-baseimage-alpine/blob/master/root/etc/cont-init.d/01-envfile
-
-# in s6, environmental variables are written as text files for s6 to monitor
-# seach through full-path filenames for files ending in "__FILE"
-for FILENAME in $(find /var/run/s6/container_environment/ | grep "__FILE$"); do
-    echo "[secret-init] Evaluating ${FILENAME##*/} ..."
-
-    # set SECRETFILE to the contents of the full-path textfile
-    SECRETFILE=$(cat ${FILENAME})
-    # SECRETFILE=${FILENAME}
-    # echo "[secret-init] Set SECRETFILE to ${SECRETFILE}"  # DEBUG - rm for prod!
-
-    # if SECRETFILE exists / is not null
-    if [[ -f ${SECRETFILE} ]]; then
-        # strip the appended "__FILE" from environmental variable name ...
-        STRIPFILE=$(echo ${FILENAME} | sed "s/__FILE//g") 
-        # echo "[secret-init] Set STRIPFILE to ${STRIPFILE}"  # DEBUG - rm for prod!
-        
-        # ... and set value to contents of secretfile
-        # since s6 uses text files, this is effectively "export ..."
-        printf $(cat ${SECRETFILE}) > ${STRIPFILE}
-        # echo "[secret-init] Set ${STRIPFILE##*/} to $(cat ${STRIPFILE})"  # DEBUG - rm for prod!"
-        echo "[secret-init] Success! ${STRIPFILE##*/} set from ${FILENAME##*/}"
-
-    else
-        echo "[secret-init] cannot find secret in ${FILENAME}"
-    fi
-done

docker/rootfs/etc/cont-init.d/10-nginx

@@ -0,0 +1,44 @@
+#!/usr/bin/with-contenv bash
+
+# Create required folders
+mkdir -p /tmp/nginx/body \
+	/run/nginx \
+	/var/log/nginx \
+	/data/nginx \
+	/data/custom_ssl \
+	/data/logs \
+	/data/access \
+	/data/nginx/default_host \
+	/data/nginx/default_www \
+	/data/nginx/proxy_host \
+	/data/nginx/redirection_host \
+	/data/nginx/stream \
+	/data/nginx/dead_host \
+	/data/nginx/temp \
+	/var/lib/nginx/cache/public \
+	/var/lib/nginx/cache/private \
+	/var/cache/nginx/proxy_temp \
+	/data/acme.sh
+
+touch /var/log/nginx/error.log && chmod 777 /var/log/nginx/error.log && chmod -R 777 /var/cache/nginx
+
+# Dynamically generate resolvers file
+echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf)" ";" > /etc/nginx/conf.d/include/resolvers.conf
+
+# Generate dummy self-signed certificate.
+if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]
+then
+	echo "Generating dummy SSL certificate..."
+	openssl req \
+		-new \
+		-newkey rsa:2048 \
+		-days 3650 \
+		-nodes \
+		-x509 \
+		-subj '/O=Nginx Proxy Manager/OU=Dummy Certificate/CN=localhost' \
+		-keyout /data/nginx/dummykey.pem \
+		-out /data/nginx/dummycert.pem
+	echo "Complete"
+else
+	echo "Skipping generation of dummy SSL cert"
+fi

docker/rootfs/etc/cont-init.d/20-adduser

@@ -0,0 +1,33 @@
+#!/usr/bin/with-contenv bash
+
+PUID=${PUID:-911}
+PGID=${PGID:-911}
+
+groupmod -g 1000 users || exit 1
+useradd -u "${PUID}" -U -d /data -s /bin/false npmuser || exit 1
+usermod -G users npmuser || exit 1
+groupmod -o -g "$PGID" npmuser || exit 1
+
+echo "-------------------------------------
+ _   _ ____  __  __
+| \ | |  _ \|  \/  |
+|  \| | |_) | |\/| |
+| |\  |  __/| |  | |
+|_| \_|_|   |_|  |_|
+-------------------------------------
+User UID: $(id -u npmuser)
+User GID: $(id -g npmuser)
+-------------------------------------
+"
+
+chown -R npmuser:npmuser /data
+chown -R npmuser:npmuser /run/nginx
+chown -R npmuser:npmuser /etc/nginx
+chown -R npmuser:npmuser /tmp/nginx
+chown -R npmuser:npmuser /var/cache/nginx
+chown -R npmuser:npmuser /var/lib/nginx
+chown -R npmuser:npmuser /var/log/nginx
+
+# Home for npmuser
+mkdir -p /tmp/npmuserhome
+chown -R npmuser:npmuser /tmp/npmuserhome

docker/rootfs/etc/cont-init.d/30-dbmate

@@ -0,0 +1,16 @@
+#!/usr/bin/with-contenv bash
+
+CYAN='\E[1;36m'
+YELLOW='\E[1;33m'
+MAGENTA='\E[1;35m'
+RESET='\E[0m'
+
+if [ "$LOG_LEVEL" == "debug" ]; then
+	echo -e "${MAGENTA}[DEBUG] ${CYAN}DATABASE_URL=${YELLOW}${DATABASE_URL}${RESET}"
+fi
+
+# Firstly create the sqlite database if it doesn't already exist
+# and run any migrations required
+echo -e "${YELLOW}Running dbmate migrations ...${RESET}"
+s6-setuidgid npmuser /bin/dbmate up || exit 1
+echo -e "${GREEN}Completed dbmate migrations!${RESET}"