Compare commits
5 Commits
b92bd85597
...
921dd8fe9f
Author | SHA1 | Date | |
---|---|---|---|
921dd8fe9f | |||
45e006c14e | |||
7b5b3a0a30 | |||
47515839a2 | |||
86af6345e5 |
2
angie/autoconf.dist/http-resolver.conf.j2
Normal file
2
angie/autoconf.dist/http-resolver.conf.j2
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
{%- set resolver_status_zone = 'http_resolver' -%}
|
||||||
|
{% include 'resolver.j2m' %}
|
13
angie/autoconf.dist/resolver.j2m
Normal file
13
angie/autoconf.dist/resolver.j2m
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
{%- if env.NGX_RESOLVERS %}
|
||||||
|
{%- if env.NGX_RESOLVER_STACK == 'any' %}
|
||||||
|
resolver {{ env.NGX_RESOLVERS }} status_zone={{ resolver_status_zone }};
|
||||||
|
{%- elif env.NGX_RESOLVER_STACK == 'ipv4' %}
|
||||||
|
resolver {{ env.NGX_RESOLVERS }} status_zone={{ resolver_status_zone }} ipv4=on ipv6=off;
|
||||||
|
{%- elif env.NGX_RESOLVER_STACK == 'ipv6' %}
|
||||||
|
resolver {{ env.NGX_RESOLVERS }} status_zone={{ resolver_status_zone }} ipv4=off ipv6=on;
|
||||||
|
{%- endif %}
|
||||||
|
{%- endif %}
|
||||||
|
|
||||||
|
{%- if env.NGX_RESOLVER_TIMEOUT %}
|
||||||
|
resolver_timeout {{ env.NGX_RESOLVER_TIMEOUT }};
|
||||||
|
{%- endif %}
|
2
angie/autoconf.dist/stream-resolver.conf.j2
Normal file
2
angie/autoconf.dist/stream-resolver.conf.j2
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
{%- set resolver_status_zone = 'stream_resolver' -%}
|
||||||
|
{% include 'resolver.j2m' %}
|
@ -2,7 +2,7 @@
|
|||||||
set -ef
|
set -ef
|
||||||
cd "$(dirname "$0")/.."
|
cd "$(dirname "$0")/.."
|
||||||
|
|
||||||
IMAGE_VERSION="${IMAGE_VERSION:-v0.0.1}"
|
IMAGE_VERSION="${IMAGE_VERSION:-v0.0.2}"
|
||||||
|
|
||||||
set -a
|
set -a
|
||||||
BUILDAH_FORMAT="${BUILDAH_FORMAT:-docker}"
|
BUILDAH_FORMAT="${BUILDAH_FORMAT:-docker}"
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
set -ef
|
set -ef
|
||||||
cd "$(dirname "$0")/.."
|
cd "$(dirname "$0")/.."
|
||||||
|
|
||||||
IMAGE_VERSION="${IMAGE_VERSION:-v0.0.1}"
|
IMAGE_VERSION="${IMAGE_VERSION:-v0.0.2}"
|
||||||
|
|
||||||
set -a
|
set -a
|
||||||
BUILDAH_FORMAT="${BUILDAH_FORMAT:-docker}"
|
BUILDAH_FORMAT="${BUILDAH_FORMAT:-docker}"
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
set -ef
|
set -ef
|
||||||
cd "$(dirname "$0")/.."
|
cd "$(dirname "$0")/.."
|
||||||
|
|
||||||
IMAGE_VERSION="${IMAGE_VERSION:-v0.0.1}"
|
IMAGE_VERSION="${IMAGE_VERSION:-v0.0.2}"
|
||||||
|
|
||||||
set -a
|
set -a
|
||||||
BUILDAH_FORMAT="${BUILDAH_FORMAT:-docker}"
|
BUILDAH_FORMAT="${BUILDAH_FORMAT:-docker}"
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
SHELL [ "/bin/sh", "-ec" ]
|
SHELL [ "/bin/sh", "-ec" ]
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
@ -11,7 +11,7 @@ server {
|
|||||||
Dockerfile:
|
Dockerfile:
|
||||||
|
|
||||||
```dockerfile
|
```dockerfile
|
||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
COPY /static/ /etc/angie/static/
|
COPY /static/ /etc/angie/static/
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
SHELL [ "/bin/sh", "-ec" ]
|
SHELL [ "/bin/sh", "-ec" ]
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
Dockerfile:
|
Dockerfile:
|
||||||
|
|
||||||
```dockerfile
|
```dockerfile
|
||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
SHELL [ "/bin/sh", "-ec" ]
|
SHELL [ "/bin/sh", "-ec" ]
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
Dockerfile:
|
Dockerfile:
|
||||||
|
|
||||||
```dockerfile
|
```dockerfile
|
||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
SHELL [ "/bin/sh", "-ec" ]
|
SHELL [ "/bin/sh", "-ec" ]
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
Dockerfile:
|
Dockerfile:
|
||||||
|
|
||||||
```dockerfile
|
```dockerfile
|
||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
COPY /static/ /etc/angie/static/
|
COPY /static/ /etc/angie/static/
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
SHELL [ "/bin/sh", "-ec" ]
|
SHELL [ "/bin/sh", "-ec" ]
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
|
@ -13,7 +13,7 @@ server {
|
|||||||
Dockerfile:
|
Dockerfile:
|
||||||
|
|
||||||
```dockerfile
|
```dockerfile
|
||||||
FROM docker.io/rockdrilla/angie-conv:v0.0.1
|
FROM docker.io/rockdrilla/angie-conv:v0.0.2
|
||||||
|
|
||||||
COPY /site/ /etc/angie/site/
|
COPY /site/ /etc/angie/site/
|
||||||
COPY /static/ /etc/angie/static/
|
COPY /static/ /etc/angie/static/
|
||||||
|
@ -8,7 +8,7 @@ empty_dir='/var/lib/empty'
|
|||||||
|
|
||||||
have_envvar() {
|
have_envvar() {
|
||||||
[ -n "$1" ] || return 1
|
[ -n "$1" ] || return 1
|
||||||
grep -Ezq "^$1=" /proc/self/environ || return
|
grep -Ezq "^$1=" /proc/$$/environ || return
|
||||||
}
|
}
|
||||||
|
|
||||||
## unexporting variable in (POSIX) sh is PITA =/
|
## unexporting variable in (POSIX) sh is PITA =/
|
||||||
@ -202,6 +202,7 @@ prepend_list() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
list_have_item() {
|
list_have_item() {
|
||||||
|
[ -n "$1" ] || return 1
|
||||||
[ -n "$2" ] || return 1
|
[ -n "$2" ] || return 1
|
||||||
case " $1 " in
|
case " $1 " in
|
||||||
*" $2 "* ) return 0 ;;
|
*" $2 "* ) return 0 ;;
|
||||||
@ -213,16 +214,15 @@ normalize_list() {
|
|||||||
[ -n "$1" ] || return 0
|
[ -n "$1" ] || return 0
|
||||||
|
|
||||||
printf '%s' "$1" \
|
printf '%s' "$1" \
|
||||||
| tr -s '[:space:]' ' ' \
|
| sed -zE 's/[[:space:]]+/ /g;s/^ //;s/ $//'
|
||||||
| sed -zE 's/^ //;s/ $//'
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sort_dedup_list() {
|
sort_dedup_list() {
|
||||||
[ -n "$1" ] || return 0
|
[ -n "$1" ] || return 0
|
||||||
|
|
||||||
printf '%s' "$1" \
|
printf '%s' "$1" \
|
||||||
| tr -s '[:space:]' '\n' | sort -uV | paste -sd ' ' \
|
| tr -s '[:space:]' '\n' | sort -uV \
|
||||||
| sed -zE 's/^\s+//;s/\s+$//'
|
| sed -zE 's/[[:space:]]+/ /g;s/^ //;s/ $//'
|
||||||
}
|
}
|
||||||
|
|
||||||
float_div() {
|
float_div() {
|
||||||
@ -235,4 +235,11 @@ find_fast() {
|
|||||||
|
|
||||||
randN() {
|
randN() {
|
||||||
od -v -A n -t x1 -N "$1" < /dev/urandom | tr -d '[:space:]'
|
od -v -A n -t x1 -N "$1" < /dev/urandom | tr -d '[:space:]'
|
||||||
|
}
|
||||||
|
|
||||||
|
re_ipv4_oct='[0-9]|[1-9][0-9]|[1-9][0-9][0-9]|2[0-4][0-9]|25[0-5]'
|
||||||
|
re_ipv4_addr="^${re_ipv4_oct}\.${re_ipv4_oct}\.${re_ipv4_oct}\.${re_ipv4_oct}\$"
|
||||||
|
is_ipv4_address() {
|
||||||
|
[ -n "$1" ] || return 1
|
||||||
|
printf '%s' "$1" | grep -zEq "${re_ipv4_addr}" || return 1
|
||||||
}
|
}
|
@ -2,5 +2,6 @@
|
|||||||
|
|
||||||
unset IEP_ROOT
|
unset IEP_ROOT
|
||||||
IEP_ROOT=1
|
IEP_ROOT=1
|
||||||
[ "$(stat -c %u /proc/1)" = 0 ] || IEP_ROOT=0
|
# [ "$(env stat -Lc %u /proc/$$)" = 0 ] || IEP_ROOT=0
|
||||||
|
[ "$(id -n)" = 0 ] || IEP_ROOT=0
|
||||||
export IEP_ROOT
|
export IEP_ROOT
|
||||||
|
@ -3,15 +3,18 @@
|
|||||||
unset IEP_LOCAL_OVERRIDE
|
unset IEP_LOCAL_OVERRIDE
|
||||||
IEP_LOCAL_OVERRIDE=0
|
IEP_LOCAL_OVERRIDE=0
|
||||||
|
|
||||||
unset _fsspec _fstarget _fstype _fsopts _fsreq _fspass
|
unset _fsspec i _extra
|
||||||
while read -r _fsspec _fstarget _fstype _fsopts _fsreq _fspass ; do
|
while read -r _fsspec i _extra ; do
|
||||||
case "${_fstarget}" in
|
[ -n "$i" ] || continue
|
||||||
|
case "$i" in
|
||||||
/angie | /angie/* )
|
/angie | /angie/* )
|
||||||
IEP_LOCAL_OVERRIDE=1
|
IEP_LOCAL_OVERRIDE=1
|
||||||
break
|
break
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
done < /proc/mounts
|
done <<-EOF
|
||||||
unset _fsspec _fstarget _fstype _fsopts _fsreq _fspass
|
$(grep -F angie /proc/mounts)
|
||||||
|
EOF
|
||||||
|
unset _fsspec i _extra
|
||||||
|
|
||||||
export IEP_LOCAL_OVERRIDE
|
export IEP_LOCAL_OVERRIDE
|
||||||
|
@ -13,9 +13,14 @@ unset NGX_IPV4_ADDRESSES NGX_IPV6_ADDRESSES
|
|||||||
for i in ${NGX_IP_ADDRESSES} ; do
|
for i in ${NGX_IP_ADDRESSES} ; do
|
||||||
case "$i" in
|
case "$i" in
|
||||||
*:* )
|
*:* )
|
||||||
|
## TODO: IPv6 address validation
|
||||||
NGX_IPV6_ADDRESSES=$(append_list "${NGX_IPV6_ADDRESSES}" "$i")
|
NGX_IPV6_ADDRESSES=$(append_list "${NGX_IPV6_ADDRESSES}" "$i")
|
||||||
;;
|
;;
|
||||||
* )
|
* )
|
||||||
|
if ! is_ipv4_address "$i" ; then
|
||||||
|
log_always "invalid IPv4 address: $i"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
NGX_IPV4_ADDRESSES=$(append_list "${NGX_IPV4_ADDRESSES}" "$i")
|
NGX_IPV4_ADDRESSES=$(append_list "${NGX_IPV4_ADDRESSES}" "$i")
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
109
image-entry.d/06-resolver.envsh
Executable file
109
image-entry.d/06-resolver.envsh
Executable file
@ -0,0 +1,109 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
unset _NGX_RESOLVER_STACK _NGX_RESOLVER_TIMEOUT
|
||||||
|
## here should be SANE defaults (!)
|
||||||
|
_NGX_RESOLVER_STACK=ipv4
|
||||||
|
_NGX_RESOLVER_TIMEOUT=10s
|
||||||
|
|
||||||
|
if [ -z "${NGX_RESOLVER_STACK:-}" ] ; then
|
||||||
|
NGX_RESOLVER_STACK=${_NGX_RESOLVER_STACK}
|
||||||
|
else
|
||||||
|
case "${NGX_RESOLVER_STACK}" in
|
||||||
|
[Ii][Pp][Vv]4 | [Vv]4 | 4 )
|
||||||
|
## adjust
|
||||||
|
NGX_RESOLVER_STACK=ipv4
|
||||||
|
;;
|
||||||
|
[Ii][Pp][Vv]6 | [Vv]6 | 6 )
|
||||||
|
## adjust
|
||||||
|
NGX_RESOLVER_STACK=ipv6
|
||||||
|
;;
|
||||||
|
[Dd][Uu][Aa][Ll] | [Aa][Ll][Ll] | [Aa][Nn][Yy] )
|
||||||
|
## adjust
|
||||||
|
NGX_RESOLVER_STACK=any
|
||||||
|
;;
|
||||||
|
[Nn][Oo][Nn][Ee] | 0 )
|
||||||
|
## adjust
|
||||||
|
NGX_RESOLVER_STACK=none
|
||||||
|
;;
|
||||||
|
* )
|
||||||
|
log_always "NGX_RESOLVER_STACK: unrecognized value: ${NGX_RESOLVER_STACK}"
|
||||||
|
log_always "setting NGX_RESOLVER_STACK=${_NGX_RESOLVER_STACK}"
|
||||||
|
NGX_RESOLVER_STACK=${_NGX_RESOLVER_STACK}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
export NGX_RESOLVER_STACK
|
||||||
|
|
||||||
|
if [ "${NGX_RESOLVER_STACK}" = 'none' ] ; then
|
||||||
|
unset NGX_RESOLV_CONF NGX_RESOLVER_TIMEOUT NGX_RESOLVERS
|
||||||
|
else
|
||||||
|
if [ -z "${NGX_RESOLVER_TIMEOUT:-}" ] ; then
|
||||||
|
NGX_RESOLVER_TIMEOUT=${_NGX_RESOLVER_TIMEOUT}
|
||||||
|
else
|
||||||
|
case "${NGX_RESOLVER_TIMEOUT}" in
|
||||||
|
[1-9] | [1-9][0-9] )
|
||||||
|
## convert implicit "seconds" to explicit
|
||||||
|
NGX_RESOLVER_TIMEOUT="${NGX_RESOLVER_TIMEOUT}s"
|
||||||
|
;;
|
||||||
|
[1-9]s | [1-9][0-9]s )
|
||||||
|
## pass
|
||||||
|
;;
|
||||||
|
[1-9]ms | [1-9][0-9]ms | [1-9][0-9][0-9]ms | [1-9][0-9][0-9][0-9]ms | [1-9][0-9][0-9][0-9][0-9]ms )
|
||||||
|
## pass
|
||||||
|
;;
|
||||||
|
* )
|
||||||
|
log_always "NGX_RESOLVER_TIMEOUT: unrecognized value: ${NGX_RESOLVER_TIMEOUT}"
|
||||||
|
log_always "setting NGX_RESOLVER_TIMEOUT=${_NGX_RESOLVER_TIMEOUT}"
|
||||||
|
NGX_RESOLVER_TIMEOUT=${_NGX_RESOLVER_TIMEOUT}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
export NGX_RESOLVER_TIMEOUT
|
||||||
|
|
||||||
|
unset _resolv_conf
|
||||||
|
while [ -z "${NGX_RESOLVERS+x}" ] ; do
|
||||||
|
_resolv_conf="${NGX_RESOLV_CONF-/etc/resolv.conf}"
|
||||||
|
[ -n "${_resolv_conf}" ] || break
|
||||||
|
[ -f "${_resolv_conf}" ] || break
|
||||||
|
[ -s "${_resolv_conf}" ] || break
|
||||||
|
|
||||||
|
unset i
|
||||||
|
while read -r i ; do
|
||||||
|
[ -n "$i" ] || continue
|
||||||
|
|
||||||
|
case "$i" in
|
||||||
|
## NB: /etc/resolv.conf allows (!) IPv6 addresses in dotted form (RFC 2373) but this is discouraged
|
||||||
|
*:* )
|
||||||
|
## TODO: IPv6 address validation
|
||||||
|
i="[$i]"
|
||||||
|
|
||||||
|
case "${NGX_RESOLVER_STACK}" in
|
||||||
|
ipv6 | any )
|
||||||
|
NGX_RESOLVERS=$(append_list "${NGX_RESOLVERS}" "$i")
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
* )
|
||||||
|
if ! is_ipv4_address "$i" ; then
|
||||||
|
log_always "invalid IPv4 address: $i"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
case "${NGX_RESOLVER_STACK}" in
|
||||||
|
ipv4 | any )
|
||||||
|
NGX_RESOLVERS=$(append_list "${NGX_RESOLVERS}" "$i")
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done <<-EOF
|
||||||
|
$(mawk '$1 == "nameserver" {print $2}' < "${_resolv_conf}")
|
||||||
|
EOF
|
||||||
|
unset i
|
||||||
|
done
|
||||||
|
unset _resolv_conf
|
||||||
|
|
||||||
|
[ -z "${NGX_RESOLVERS}" ] || export NGX_RESOLVERS
|
||||||
|
fi
|
||||||
|
|
||||||
|
unset _NGX_RESOLVER_STACK _NGX_RESOLVER_TIMEOUT
|
@ -9,62 +9,68 @@ unset _NGX_USER _NGX_GROUP
|
|||||||
_NGX_USER=angie
|
_NGX_USER=angie
|
||||||
_NGX_GROUP=angie
|
_NGX_GROUP=angie
|
||||||
|
|
||||||
[ -n "${NGX_USER:-}" ] || NGX_USER=${_NGX_USER}
|
if [ -z "${NGX_USER:-}" ] ; then
|
||||||
case "${NGX_USER}" in
|
NGX_USER=${_NGX_USER}
|
||||||
"${_NGX_USER}" ) ;;
|
else
|
||||||
## numeric id - remap to name
|
case "${NGX_USER}" in
|
||||||
[1-9]* )
|
"${_NGX_USER}" ) ;;
|
||||||
_user_name=$(getent passwd "${NGX_USER}" | cut -d: -f1)
|
[1-9]* )
|
||||||
if [ -n "${_user_name}" ] ; then
|
## numeric id - remap to name
|
||||||
NGX_USER=${_user_name}
|
_user_name=$(getent passwd "${NGX_USER}" | cut -d: -f1)
|
||||||
else
|
if [ -n "${_user_name}" ] ; then
|
||||||
log_always "NGX_USER: ID is not known in /etc/passwd: ${NGX_USER}"
|
NGX_USER=${_user_name}
|
||||||
log_always "setting NGX_USER=${_NGX_USER}"
|
else
|
||||||
NGX_USER=${_NGX_USER}
|
log_always "NGX_USER: ID is not known in /etc/passwd: ${NGX_USER}"
|
||||||
fi
|
log_always "setting NGX_USER=${_NGX_USER}"
|
||||||
unset _user_name
|
NGX_USER=${_NGX_USER}
|
||||||
;;
|
fi
|
||||||
* )
|
unset _user_name
|
||||||
_user_name=$(getent passwd "${NGX_USER}" | cut -d: -f1)
|
;;
|
||||||
if [ -n "${_user_name}" ] ; then
|
* )
|
||||||
NGX_USER=${_user_name}
|
_user_name=$(getent passwd "${NGX_USER}" | cut -d: -f1)
|
||||||
else
|
if [ -n "${_user_name}" ] ; then
|
||||||
log_always "NGX_USER: name is not known in /etc/passwd: ${NGX_USER}"
|
NGX_USER=${_user_name}
|
||||||
log_always "setting NGX_USER=${_NGX_USER}"
|
else
|
||||||
NGX_USER=${_NGX_USER}
|
log_always "NGX_USER: name is not known in /etc/passwd: ${NGX_USER}"
|
||||||
fi
|
log_always "setting NGX_USER=${_NGX_USER}"
|
||||||
unset _user_name
|
NGX_USER=${_NGX_USER}
|
||||||
;;
|
fi
|
||||||
esac
|
unset _user_name
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
export NGX_USER
|
||||||
|
|
||||||
[ -n "${NGX_GROUP:-}" ] || NGX_GROUP=${_NGX_GROUP}
|
if [ -z "${NGX_GROUP:-}" ] ; then
|
||||||
case "${NGX_GROUP}" in
|
NGX_GROUP=${_NGX_GROUP}
|
||||||
"${_NGX_GROUP}" ) ;;
|
else
|
||||||
## numeric id - remap to name
|
case "${NGX_GROUP}" in
|
||||||
[1-9]* )
|
"${_NGX_GROUP}" ) ;;
|
||||||
_group_name=$(getent group "${NGX_GROUP}" | cut -d: -f1)
|
[1-9]* )
|
||||||
if [ -n "${_group_name}" ] ; then
|
## numeric id - remap to name
|
||||||
NGX_GROUP=${_group_name}
|
_group_name=$(getent group "${NGX_GROUP}" | cut -d: -f1)
|
||||||
else
|
if [ -n "${_group_name}" ] ; then
|
||||||
log_always "NGX_GROUP: ID is not known in /etc/group: ${NGX_GROUP}"
|
NGX_GROUP=${_group_name}
|
||||||
log_always "setting NGX_GROUP=${_NGX_GROUP}"
|
else
|
||||||
NGX_GROUP=${_NGX_GROUP}
|
log_always "NGX_GROUP: ID is not known in /etc/group: ${NGX_GROUP}"
|
||||||
fi
|
log_always "setting NGX_GROUP=${_NGX_GROUP}"
|
||||||
unset _group_name
|
NGX_GROUP=${_NGX_GROUP}
|
||||||
;;
|
fi
|
||||||
* )
|
unset _group_name
|
||||||
_group_name=$(getent group "${NGX_GROUP}" | cut -d: -f1)
|
;;
|
||||||
if [ -n "${_group_name}" ] ; then
|
* )
|
||||||
NGX_GROUP=${_group_name}
|
_group_name=$(getent group "${NGX_GROUP}" | cut -d: -f1)
|
||||||
else
|
if [ -n "${_group_name}" ] ; then
|
||||||
log_always "NGX_GROUP: name is not known in /etc/group: ${NGX_GROUP}"
|
NGX_GROUP=${_group_name}
|
||||||
log_always "setting NGX_GROUP=${_NGX_GROUP}"
|
else
|
||||||
NGX_GROUP=${_NGX_GROUP}
|
log_always "NGX_GROUP: name is not known in /etc/group: ${NGX_GROUP}"
|
||||||
fi
|
log_always "setting NGX_GROUP=${_NGX_GROUP}"
|
||||||
unset _group_name
|
NGX_GROUP=${_NGX_GROUP}
|
||||||
;;
|
fi
|
||||||
esac
|
unset _group_name
|
||||||
|
;;
|
||||||
export NGX_USER NGX_GROUP
|
esac
|
||||||
|
fi
|
||||||
|
export NGX_GROUP
|
||||||
|
|
||||||
unset _NGX_USER _NGX_GROUP
|
unset _NGX_USER _NGX_GROUP
|
||||||
|
@ -6,59 +6,65 @@ _NGX_WORKER_PROCESSES=2
|
|||||||
_NGX_WORKER_PRIORITY=0
|
_NGX_WORKER_PRIORITY=0
|
||||||
_NGX_WORKER_RLIMIT_NOFILE=16384
|
_NGX_WORKER_RLIMIT_NOFILE=16384
|
||||||
_NGX_WORKER_CONNECTIONS=4096
|
_NGX_WORKER_CONNECTIONS=4096
|
||||||
_NGX_WORKER_AIO_REQUESTS=64
|
_NGX_WORKER_AIO_REQUESTS=32
|
||||||
|
|
||||||
[ -n "${NGX_WORKER_PROCESSES:-}" ] || NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}
|
if [ -z "${NGX_WORKER_PROCESSES:-}" ] ; then
|
||||||
case "${NGX_WORKER_PROCESSES}" in
|
|
||||||
## allow values within [1;999]
|
|
||||||
[1-9] | [1-9][0-9] | [1-9][0-9][0-9] ) ;;
|
|
||||||
[Aa][Uu][Tt][Oo] )
|
|
||||||
## adjust
|
|
||||||
NGX_WORKER_PROCESSES=auto
|
|
||||||
log_always "NGX_WORKER_PROCESSES: \"auto\" isn't supported by container yet"
|
|
||||||
log_always "offloading decision to Angie (this could be a problem!)"
|
|
||||||
;;
|
|
||||||
0 )
|
|
||||||
log_always "NGX_WORKER_PROCESSES: \"0\" isn't supported by container yet"
|
|
||||||
log_always "setting NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}"
|
|
||||||
NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}
|
NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}
|
||||||
;;
|
else
|
||||||
* )
|
case "${NGX_WORKER_PROCESSES}" in
|
||||||
log_always "NGX_WORKER_PROCESSES: unrecognized value: ${NGX_WORKER_PROCESSES}"
|
## allow values within [1;999]
|
||||||
log_always "setting NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}"
|
[1-9] | [1-9][0-9] | [1-9][0-9][0-9] ) ;;
|
||||||
NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}
|
[Aa][Uu][Tt][Oo] )
|
||||||
;;
|
## adjust
|
||||||
esac
|
NGX_WORKER_PROCESSES=auto
|
||||||
|
log_always "NGX_WORKER_PROCESSES: \"auto\" isn't supported by container yet"
|
||||||
|
log_always "offloading decision to Angie (this could be a problem!)"
|
||||||
|
;;
|
||||||
|
0 )
|
||||||
|
log_always "NGX_WORKER_PROCESSES: \"0\" isn't supported by container yet"
|
||||||
|
log_always "setting NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}"
|
||||||
|
NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}
|
||||||
|
;;
|
||||||
|
* )
|
||||||
|
log_always "NGX_WORKER_PROCESSES: unrecognized value: ${NGX_WORKER_PROCESSES}"
|
||||||
|
log_always "setting NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}"
|
||||||
|
NGX_WORKER_PROCESSES=${_NGX_WORKER_PROCESSES}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
export NGX_WORKER_PROCESSES
|
export NGX_WORKER_PROCESSES
|
||||||
|
|
||||||
if [ -z "${NGX_WORKER_CPU_AFFINITY:-}" ] ; then
|
if [ -z "${NGX_WORKER_CPU_AFFINITY:-}" ] ; then
|
||||||
unset NGX_WORKER_CPU_AFFINITY
|
unset NGX_WORKER_CPU_AFFINITY
|
||||||
else
|
else
|
||||||
## offload handling to Angie
|
## let Angie handle this
|
||||||
set -a
|
set -a
|
||||||
NGX_WORKER_CPU_AFFINITY=$(normalize_list "${NGX_WORKER_CPU_AFFINITY}")
|
NGX_WORKER_CPU_AFFINITY=$(normalize_list "${NGX_WORKER_CPU_AFFINITY}")
|
||||||
set +a
|
set +a
|
||||||
fi
|
fi
|
||||||
|
|
||||||
[ -n "${NGX_WORKER_CONNECTIONS:-}" ] || NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}
|
if [ -z "${NGX_WORKER_CONNECTIONS:-}" ] ; then
|
||||||
case "${NGX_WORKER_CONNECTIONS}" in
|
|
||||||
[0-9] | [1-9][0-9] )
|
|
||||||
log_always "NGX_WORKER_CONNECTIONS: too low: ${NGX_WORKER_CONNECTIONS}"
|
|
||||||
log_always "setting NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}"
|
|
||||||
NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}
|
NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}
|
||||||
;;
|
else
|
||||||
## allow values within [100;9999999]
|
case "${NGX_WORKER_CONNECTIONS}" in
|
||||||
[1-9][0-9][0-9] ) ;;
|
[0-9] | [1-9][0-9] )
|
||||||
[1-9][0-9][0-9][0-9] ) ;;
|
log_always "NGX_WORKER_CONNECTIONS: too low: ${NGX_WORKER_CONNECTIONS}"
|
||||||
[1-9][0-9][0-9][0-9][0-9] ) ;;
|
log_always "setting NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}"
|
||||||
[1-9][0-9][0-9][0-9][0-9][0-9] ) ;;
|
NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}
|
||||||
[1-9][0-9][0-9][0-9][0-9][0-9][0-9] ) ;;
|
;;
|
||||||
* )
|
## allow values within [100;9999999]
|
||||||
log_always "NGX_WORKER_CONNECTIONS: unrecognized value: ${NGX_WORKER_CONNECTIONS}"
|
[1-9][0-9][0-9] ) ;;
|
||||||
log_always "setting NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}"
|
[1-9][0-9][0-9][0-9] ) ;;
|
||||||
NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}
|
[1-9][0-9][0-9][0-9][0-9] ) ;;
|
||||||
;;
|
[1-9][0-9][0-9][0-9][0-9][0-9] ) ;;
|
||||||
esac
|
[1-9][0-9][0-9][0-9][0-9][0-9][0-9] ) ;;
|
||||||
|
* )
|
||||||
|
log_always "NGX_WORKER_CONNECTIONS: unrecognized value: ${NGX_WORKER_CONNECTIONS}"
|
||||||
|
log_always "setting NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}"
|
||||||
|
NGX_WORKER_CONNECTIONS=${_NGX_WORKER_CONNECTIONS}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
export NGX_WORKER_CONNECTIONS
|
export NGX_WORKER_CONNECTIONS
|
||||||
|
|
||||||
if [ -z "${NGX_WORKER_PRIORITY:-}" ] ; then
|
if [ -z "${NGX_WORKER_PRIORITY:-}" ] ; then
|
||||||
@ -181,11 +187,14 @@ else
|
|||||||
fi
|
fi
|
||||||
if [ ${nofile_limit} -lt ${NGX_WORKER_CONNECTIONS} ] ; then
|
if [ ${nofile_limit} -lt ${NGX_WORKER_CONNECTIONS} ] ; then
|
||||||
log_always "WARNING: ${nofile_kind} is less than NGX_WORKER_CONNECTIONS (${nofile_limit} < ${NGX_WORKER_CONNECTIONS})"
|
log_always "WARNING: ${nofile_kind} is less than NGX_WORKER_CONNECTIONS (${nofile_limit} < ${NGX_WORKER_CONNECTIONS})"
|
||||||
|
log_always "NGX_WORKER_CONNECTIONS is recommended to be at least twice larger than ${nofile_kind}"
|
||||||
else
|
else
|
||||||
|
unset ratio
|
||||||
ratio=$(float_div "${nofile_limit}" "${NGX_WORKER_CONNECTIONS}")
|
ratio=$(float_div "${nofile_limit}" "${NGX_WORKER_CONNECTIONS}")
|
||||||
case "${ratio}" in
|
case "${ratio}" in
|
||||||
1 | 1.* )
|
1 | 1.* )
|
||||||
log_always "WARNING: \"${nofile_kind}/NGX_WORKER_CONNECTIONS\" ratio is too low (=${ratio})"
|
log_always "WARNING: \"${nofile_kind}/NGX_WORKER_CONNECTIONS\" ratio is too low (=${ratio})"
|
||||||
|
log_always "NGX_WORKER_CONNECTIONS is recommended to be at least twice larger than ${nofile_kind}"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
unset ratio
|
unset ratio
|
||||||
|
@ -5,35 +5,11 @@ if [ "${NGX_HTTP}" = 0 ] ; then
|
|||||||
else
|
else
|
||||||
NGX_HTTP_NO_PROXY=$(gobool_to_int "${NGX_HTTP_NO_PROXY:-0}" 0)
|
NGX_HTTP_NO_PROXY=$(gobool_to_int "${NGX_HTTP_NO_PROXY:-0}" 0)
|
||||||
export NGX_HTTP_NO_PROXY
|
export NGX_HTTP_NO_PROXY
|
||||||
if [ "${NGX_HTTP_NO_PROXY}" = 0 ] ; then
|
|
||||||
NGX_HTTP_CONFLOAD=$(append_list "${NGX_HTTP_CONFLOAD}" proxy)
|
|
||||||
fi
|
|
||||||
|
|
||||||
unset http_modules http_confload
|
unset http_modules http_confload
|
||||||
http_modules=
|
http_modules=
|
||||||
http_confload="${NGX_HTTP_CONFLOAD:-}"
|
http_confload="${NGX_HTTP_CONFLOAD:-}"
|
||||||
|
|
||||||
if [ -n "${NGX_HTTP_MODULES}" ] ; then
|
|
||||||
## angie-module-lua: depends on angie-module-ndk
|
|
||||||
## angie-module-set-misc: depends on angie-module-ndk
|
|
||||||
|
|
||||||
# unset want_ndk
|
|
||||||
# want_ndk=0
|
|
||||||
# if list_have_item "${NGX_HTTP_MODULES}" lua ; then
|
|
||||||
# want_ndk=1
|
|
||||||
# elif list_have_item "${NGX_HTTP_MODULES}" set-misc ; then
|
|
||||||
# want_ndk=1
|
|
||||||
# fi
|
|
||||||
# if [ ${want_ndk} = 1 ] ; then
|
|
||||||
# NGX_HTTP_MODULES=$(prepend_list "${NGX_HTTP_MODULES}" ndk)
|
|
||||||
# fi
|
|
||||||
# unset want_ndk
|
|
||||||
NGX_HTTP_MODULES=$(
|
|
||||||
printf '%s' "${NGX_HTTP_MODULES}" \
|
|
||||||
| sed -zE 's/(\s|^)(lua|set-misc)(\s|$)/\1ndk \2\3/g'
|
|
||||||
)
|
|
||||||
fi
|
|
||||||
|
|
||||||
## filter out builtin http modules
|
## filter out builtin http modules
|
||||||
unset i
|
unset i
|
||||||
for i in ${NGX_HTTP_MODULES:-} ; do
|
for i in ${NGX_HTTP_MODULES:-} ; do
|
||||||
@ -62,17 +38,30 @@ else
|
|||||||
done
|
done
|
||||||
unset i
|
unset i
|
||||||
|
|
||||||
|
if [ "${NGX_HTTP_NO_PROXY}" = 0 ] ; then
|
||||||
|
http_confload="${http_confload} proxy"
|
||||||
|
fi
|
||||||
|
|
||||||
## grpc depends on http/2
|
## grpc depends on http/2
|
||||||
if list_have_item "${NGX_HTTP_CONFLOAD}" grpc ; then
|
if list_have_item "${http_confload}" grpc ; then
|
||||||
unset want_http2
|
http_confload="${http_confload} v2"
|
||||||
want_http2=0
|
fi
|
||||||
if ! list_have_item "${NGX_HTTP_CONFLOAD}" v2 ; then
|
|
||||||
want_http2=1
|
## angie-module-lua: depends on angie-module-ndk
|
||||||
|
## angie-module-set-misc: depends on angie-module-ndk
|
||||||
|
if [ -n "${http_modules:-}" ] ; then
|
||||||
|
unset want_ndk
|
||||||
|
want_ndk=0
|
||||||
|
if list_have_item "${http_modules}" lua ; then
|
||||||
|
want_ndk=1
|
||||||
|
elif list_have_item "${http_modules}" set-misc ; then
|
||||||
|
want_ndk=1
|
||||||
fi
|
fi
|
||||||
if [ "${want_http2}" = 1 ] ; then
|
if [ ${want_ndk} = 1 ] ; then
|
||||||
NGX_HTTP_CONFLOAD=$(append_list "${NGX_HTTP_CONFLOAD}" v2)
|
## forcefully move 'ndk' to beginning of list
|
||||||
|
http_modules=$(printf '%s' " ${http_modules} " | sed -zE 's/ ndk / /;s/^/ndk/;s/ $//')
|
||||||
fi
|
fi
|
||||||
unset want_http2
|
unset want_ndk
|
||||||
fi
|
fi
|
||||||
|
|
||||||
set -a
|
set -a
|
||||||
@ -85,20 +74,19 @@ else
|
|||||||
## quirk: angie-module-modsecurity
|
## quirk: angie-module-modsecurity
|
||||||
unset NGX_HTTP_WITH_MODSECURITY
|
unset NGX_HTTP_WITH_MODSECURITY
|
||||||
NGX_HTTP_WITH_MODSECURITY=0
|
NGX_HTTP_WITH_MODSECURITY=0
|
||||||
while : ; do
|
if list_have_item "${NGX_HTTP_MODULES}" modsecurity ; then
|
||||||
if ! list_have_item "${NGX_HTTP_MODULES}" modsecurity ; then
|
unset d f
|
||||||
break
|
|
||||||
fi
|
|
||||||
|
|
||||||
for d in /angie/modules /etc/angie/modules /etc/angie/modules.dist ; do
|
for d in /angie/modules /etc/angie/modules /etc/angie/modules.dist ; do
|
||||||
[ -d "$d" ] || continue
|
[ -d "$d" ] || continue
|
||||||
[ -f "$d/ngx_http_modsecurity_module.so" ] || continue
|
f="$d/ngx_http_modsecurity_module.so"
|
||||||
if ! [ -h "$d/ngx_http_modsecurity_module.so" ] ; then
|
[ -f "$f" ] || continue
|
||||||
|
if ! [ -h "$f" ] ; then
|
||||||
NGX_HTTP_WITH_MODSECURITY=1
|
NGX_HTTP_WITH_MODSECURITY=1
|
||||||
break
|
break
|
||||||
fi
|
fi
|
||||||
done ; unset d
|
done
|
||||||
break ; done
|
unset d f
|
||||||
|
fi
|
||||||
export NGX_HTTP_WITH_MODSECURITY
|
export NGX_HTTP_WITH_MODSECURITY
|
||||||
|
|
||||||
if [ "${NGX_HTTP_WITH_MODSECURITY}" = 1 ] ; then
|
if [ "${NGX_HTTP_WITH_MODSECURITY}" = 1 ] ; then
|
||||||
|
@ -25,31 +25,34 @@ else
|
|||||||
NGX_HTTP_X_FORWARDED=remove
|
NGX_HTTP_X_FORWARDED=remove
|
||||||
fi
|
fi
|
||||||
|
|
||||||
[ -n "${NGX_HTTP_X_FORWARDED:-}" ] || NGX_HTTP_X_FORWARDED=${_NGX_HTTP_X_FORWARDED}
|
if [ -z "${NGX_HTTP_X_FORWARDED:-}" ] ; then
|
||||||
case "${NGX_HTTP_X_FORWARDED}" in
|
NGX_HTTP_X_FORWARDED=${_NGX_HTTP_X_FORWARDED}
|
||||||
[Pp][Aa][Ss][Ss] )
|
else
|
||||||
## adjust
|
case "${NGX_HTTP_X_FORWARDED}" in
|
||||||
NGX_HTTP_X_FORWARDED=pass
|
[Pp][Aa][Ss][Ss] )
|
||||||
;;
|
## adjust
|
||||||
[Rr][Ee][Mm][Oo][Vv][Ee] )
|
NGX_HTTP_X_FORWARDED=pass
|
||||||
## adjust
|
;;
|
||||||
NGX_HTTP_X_FORWARDED=remove
|
[Rr][Ee][Mm][Oo][Vv][Ee] )
|
||||||
;;
|
## adjust
|
||||||
* )
|
NGX_HTTP_X_FORWARDED=remove
|
||||||
unset x
|
;;
|
||||||
x=$(gobool_to_int "${NGX_HTTP_X_FORWARDED}")
|
|
||||||
case "$x" in
|
|
||||||
0 ) NGX_HTTP_X_FORWARDED=remove ;;
|
|
||||||
1 ) NGX_HTTP_X_FORWARDED=pass ;;
|
|
||||||
* )
|
* )
|
||||||
log_always "NGX_HTTP_X_FORWARDED: unrecognized value: ${NGX_HTTP_X_FORWARDED}"
|
unset x
|
||||||
log_always "setting NGX_HTTP_X_FORWARDED=${_NGX_HTTP_X_FORWARDED}"
|
x=$(gobool_to_int "${NGX_HTTP_X_FORWARDED}")
|
||||||
NGX_HTTP_X_FORWARDED=${_NGX_HTTP_X_FORWARDED}
|
case "$x" in
|
||||||
|
0 ) NGX_HTTP_X_FORWARDED=remove ;;
|
||||||
|
1 ) NGX_HTTP_X_FORWARDED=pass ;;
|
||||||
|
* )
|
||||||
|
log_always "NGX_HTTP_X_FORWARDED: unrecognized value: ${NGX_HTTP_X_FORWARDED}"
|
||||||
|
log_always "setting NGX_HTTP_X_FORWARDED=${_NGX_HTTP_X_FORWARDED}"
|
||||||
|
NGX_HTTP_X_FORWARDED=${_NGX_HTTP_X_FORWARDED}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
unset x
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
unset x
|
fi
|
||||||
;;
|
|
||||||
esac
|
|
||||||
export NGX_HTTP_X_FORWARDED
|
export NGX_HTTP_X_FORWARDED
|
||||||
|
|
||||||
unset _NGX_HTTP_FAKE_UA _NGX_HTTP_X_FORWARDED
|
unset _NGX_HTTP_FAKE_UA _NGX_HTTP_X_FORWARDED
|
||||||
|
@ -41,7 +41,7 @@ else
|
|||||||
fi <<-EOF
|
fi <<-EOF
|
||||||
$(
|
$(
|
||||||
set +e
|
set +e
|
||||||
cat /proc/self/environ \
|
cat /proc/$$/environ \
|
||||||
| sed -zEn '/^([^=]+).*$/s//\1/p' \
|
| sed -zEn '/^([^=]+).*$/s//\1/p' \
|
||||||
| xargs -0r printf '%q\n' \
|
| xargs -0r printf '%q\n' \
|
||||||
| {
|
| {
|
||||||
|
@ -2,4 +2,4 @@ jinja2==3.1.4
|
|||||||
netaddr==1.3.0
|
netaddr==1.3.0
|
||||||
psutil==6.0.0
|
psutil==6.0.0
|
||||||
pyyaml==6.0.2
|
pyyaml==6.0.2
|
||||||
wcmatch==9.0
|
wcmatch==10.0
|
||||||
|
@ -23,24 +23,28 @@ find /var/cache/debconf/ ! -type d -wholename '/var/cache/debconf/*-old' -delete
|
|||||||
|
|
||||||
__t=$(mktemp) ; : "${__t:?}"
|
__t=$(mktemp) ; : "${__t:?}"
|
||||||
debconf_trim_i18n() {
|
debconf_trim_i18n() {
|
||||||
mawk 'BEGIN { m = 0 }
|
mawk 'BEGIN { m = 0; }
|
||||||
$0 == "" { print }
|
$0 == "" { print; }
|
||||||
/^[^[:space:]]/ {
|
/^[^[:space:]]/ {
|
||||||
if ($1 ~ "\.[Uu][Tt][Ff]-?8:") { m = 1; next; }
|
if ($1 ~ "\.[Uu][Tt][Ff]-?8:") {
|
||||||
m = 0; print $0;
|
m = 1;
|
||||||
}
|
next;
|
||||||
/^[[:space:]]/ {
|
}
|
||||||
if (m == 1) next;
|
m = 0;
|
||||||
print $0;
|
print $0;
|
||||||
}' < "$1" > "${__t}"
|
}
|
||||||
cat < "${__t}" > "$1"
|
/^[[:space:]]/ {
|
||||||
|
if (m == 1) next;
|
||||||
|
print $0;
|
||||||
|
}' < "$1" > "${__t}"
|
||||||
|
cat < "${__t}" > "$1"
|
||||||
}
|
}
|
||||||
|
|
||||||
debconf_trim_i18n /var/cache/debconf/templates.dat
|
debconf_trim_i18n /var/cache/debconf/templates.dat
|
||||||
while read -r tmpl ; do
|
while read -r tmpl ; do
|
||||||
[ -n "${tmpl}" ] || continue
|
[ -n "${tmpl}" ] || continue
|
||||||
[ -s "${tmpl}" ] || continue
|
[ -s "${tmpl}" ] || continue
|
||||||
debconf_trim_i18n "${tmpl}"
|
debconf_trim_i18n "${tmpl}"
|
||||||
done <<EOF
|
done <<EOF
|
||||||
$(find "${DPKG_ADMINDIR}/info/" -type f -name '*.templates' | sort -V)
|
$(find "${DPKG_ADMINDIR}/info/" -type f -name '*.templates' | sort -V)
|
||||||
EOF
|
EOF
|
||||||
|
@ -37,16 +37,15 @@ normalize_list() {
|
|||||||
[ -n "$1" ] || return 0
|
[ -n "$1" ] || return 0
|
||||||
|
|
||||||
printf '%s' "$1" \
|
printf '%s' "$1" \
|
||||||
| tr -s '[:space:]' ' ' \
|
| sed -zE 's/[[:space:]]+/ /g;s/^ //;s/ $//'
|
||||||
| sed -zE 's/^ //;s/ $//'
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sort_dedup_list() {
|
sort_dedup_list() {
|
||||||
[ -n "$1" ] || return 0
|
[ -n "$1" ] || return 0
|
||||||
|
|
||||||
printf '%s' "$1" \
|
printf '%s' "$1" \
|
||||||
| tr -s '[:space:]' '\n' | sort -uV | paste -sd ' ' \
|
| tr -s '[:space:]' '\n' | sort -uV \
|
||||||
| sed -zE 's/^\s+//;s/\s+$//'
|
| sed -zE 's/[[:space:]]+/ /g;s/^ //;s/ $//'
|
||||||
}
|
}
|
||||||
|
|
||||||
pkgs=$(sort_dedup_list "${pkgs}")
|
pkgs=$(sort_dedup_list "${pkgs}")
|
||||||
|
@ -22,8 +22,9 @@ _apt_update() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
_dpkg_avail_hack() {
|
_dpkg_avail_hack() {
|
||||||
|
: "${DPKG_ADMINDIR:=/var/lib/dpkg}"
|
||||||
VERSION_CODENAME=$(. /etc/os-release ; printf '%s' "${VERSION_CODENAME}") || :
|
VERSION_CODENAME=$(. /etc/os-release ; printf '%s' "${VERSION_CODENAME}") || :
|
||||||
f="${DPKG_ADMINDIR:-/var/lib/dpkg}/available"
|
f="${DPKG_ADMINDIR}/available"
|
||||||
# if ${VERSION_CODENAME} is empty then we're on Debian sid or so :)
|
# if ${VERSION_CODENAME} is empty then we're on Debian sid or so :)
|
||||||
case "${VERSION_CODENAME}" in
|
case "${VERSION_CODENAME}" in
|
||||||
stretch | buster | bionic | focal )
|
stretch | buster | bionic | focal )
|
||||||
@ -31,7 +32,7 @@ _dpkg_avail_hack() {
|
|||||||
if [ -s "$f" ] ; then
|
if [ -s "$f" ] ; then
|
||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
/usr/lib/dpkg/methods/apt/update "${DPKG_ADMINDIR:-/var/lib/dpkg}" apt apt
|
/usr/lib/dpkg/methods/apt/update "${DPKG_ADMINDIR}" apt apt
|
||||||
;;
|
;;
|
||||||
* )
|
* )
|
||||||
touch "$f"
|
touch "$f"
|
||||||
|
@ -1,19 +1,17 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -f
|
set -f
|
||||||
|
|
||||||
sed -znE '/^([^=]+)=.*$/s,,\1,p' /proc/self/environ \
|
sed -znE '/^([^=]+)=.*$/s,,\1,p' /proc/$$/environ \
|
||||||
| sed -zE \
|
| sed -zE \
|
||||||
-e '/^_$/d;/^ENVSUBST_/d;' \
|
-e '/^_$/d;/^ENVSUBST_/d;' \
|
||||||
-e '/^__IEP_/d;/^IEP_$/d' \
|
-e '/^__IEP_/d;/^IEP_$/d' \
|
||||||
| {
|
| {
|
||||||
if [ -n "${ENVSUBST_EXCLUDE_REGEX:-}" ] ; then
|
if [ -n "${ENVSUBST_EXCLUDE_REGEX:-}" ] ; then
|
||||||
grep -zEv -e "${ENVSUBST_EXCLUDE_REGEX}"
|
grep -zEv -e "${ENVSUBST_EXCLUDE_REGEX}"
|
||||||
|
elif [ -n "${ENVSUBST_INCLUDE_REGEX:-}" ] ; then
|
||||||
|
grep -zE -e "${ENVSUBST_INCLUDE_REGEX}"
|
||||||
else
|
else
|
||||||
if [ -n "${ENVSUBST_INCLUDE_REGEX:-}" ] ; then
|
cat
|
||||||
grep -zE -e "${ENVSUBST_INCLUDE_REGEX}"
|
|
||||||
else
|
|
||||||
cat
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
} \
|
} \
|
||||||
| sort -zV \
|
| sort -zV \
|
||||||
|
@ -20,11 +20,16 @@ w_cleanup() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
bundle_offsets() {
|
bundle_offsets() {
|
||||||
awk '
|
mawk 'BEGIN { OFS = ","; i_begin = 0; }
|
||||||
BEGIN { OFS = "," ; i_begin = 0 ; }
|
$0 == "-----BEGIN CERTIFICATE-----" {
|
||||||
$0 == "-----BEGIN CERTIFICATE-----" { i_begin = NR ; }
|
i_begin = NR;
|
||||||
$0 == "-----END CERTIFICATE-----" { if (i_begin > 0) { print i_begin,NR ; i_begin = 0 ; } }
|
}
|
||||||
' "$1"
|
$0 == "-----END CERTIFICATE-----" {
|
||||||
|
if (i_begin > 0) {
|
||||||
|
print i_begin, NR;
|
||||||
|
i_begin = 0;
|
||||||
|
}
|
||||||
|
}' "$1"
|
||||||
}
|
}
|
||||||
|
|
||||||
bundle_fingerprints() {
|
bundle_fingerprints() {
|
||||||
|
@ -1,7 +1,9 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -f
|
set -f
|
||||||
for i ; do
|
for i ; do
|
||||||
find "$i/" -name __pycache__ -exec rm -rf {} +
|
[ -n "$i" ] || continue
|
||||||
find "$i/" ! -type d -name '*.py[co]' -exec rm -f {} +
|
[ -d "$i" ] || continue
|
||||||
|
find "$i/" -name __pycache__ -exec rm -rf {} +
|
||||||
|
find "$i/" ! -type d -name '*.py[co]' -exec rm -f {} +
|
||||||
done
|
done
|
||||||
exit 0
|
exit 0
|
||||||
|
@ -1,52 +1,41 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -f
|
set -f
|
||||||
|
|
||||||
COMPRESS_MIN_RATIO=90
|
|
||||||
|
|
||||||
if command -V gzip >/dev/null ; then has_gzip=1 ; fi
|
if command -V gzip >/dev/null ; then has_gzip=1 ; fi
|
||||||
if command -V brotli >/dev/null ; then has_brotli=1 ; fi
|
if command -V brotli >/dev/null ; then has_brotli=1 ; fi
|
||||||
if command -V zstd >/dev/null ; then has_zstd=1 ; fi
|
if command -V zstd >/dev/null ; then has_zstd=1 ; fi
|
||||||
|
|
||||||
do_gzip() { [ -s "$1.gz" ] || gzip -1kf "$1" ; comp_fixup "$1" "$1.gz" ; }
|
do_gzip() { [ -s "$1.gz" ] || gzip -1kf "$1" || return ; comp_fixup "$1" "$1.gz" || rm -f "$1.gz" ; }
|
||||||
do_brotli() { [ -s "$1.br" ] || brotli -1kf "$1" ; comp_fixup "$1" "$1.br" ; }
|
do_brotli() { [ -s "$1.br" ] || brotli -1kf "$1" || return ; comp_fixup "$1" "$1.br" || rm -f "$1.br" ; }
|
||||||
do_zstd() { [ -s "$1.zst" ] || zstd -q1kf "$1" ; comp_fixup "$1" "$1.zst" ; }
|
do_zstd() { [ -s "$1.zst" ] || zstd -q1kf "$1" || return ; comp_fixup "$1" "$1.zst" || rm -f "$1.zst" ; }
|
||||||
|
|
||||||
|
float_div() {
|
||||||
|
mawk -v "a=$1" -v "b=$2" 'BEGIN{print a/b;exit;}' </dev/null
|
||||||
|
}
|
||||||
|
|
||||||
comp_fixup() {
|
comp_fixup() {
|
||||||
size1=$(env stat -c '%s' "$1") || return
|
[ -f "$1" ] || return 1
|
||||||
|
size1=$(env stat -Lc '%s' "$1") || return 1
|
||||||
|
[ -n "${size1}" ] || return 1
|
||||||
|
[ "${size1}" != 0 ] || return 1
|
||||||
|
|
||||||
[ -f "$2" ] || return
|
[ -f "$2" ] || return 1
|
||||||
[ -s "$2" ] || { rm -f "$2" ; return ; }
|
size2=$(env stat -c '%s' "$2") || return 1
|
||||||
size2=$(env stat -c '%s' "$2") || return
|
[ -n "${size2}" ] || return 1
|
||||||
|
[ "${size2}" != 0 ] || return 1
|
||||||
|
|
||||||
pow1=${#size1} ; pow2=${#size2}
|
ratio=$(float_div "${size2}" "${size1}") || return 1
|
||||||
|
case "${ratio}" in
|
||||||
|
[0-9]*e-[0-9]* )
|
||||||
|
## doubtful but okay (c) Oleg Tinkov
|
||||||
|
;;
|
||||||
|
0.[0-8]* | 0.90* )
|
||||||
|
## compression ratio below 90% is fine
|
||||||
|
;;
|
||||||
|
* ) return 1 ;;
|
||||||
|
esac
|
||||||
|
|
||||||
## if size2 is _longer_ than size1 - compression did something wrong (file is bigger)
|
return 0
|
||||||
if [ ${pow2} -gt ${pow1} ] ; then
|
|
||||||
rm -f "$2" ; return
|
|
||||||
fi
|
|
||||||
|
|
||||||
## if size1 is _longer_ size2 more than 2 digits - compression was done very successful
|
|
||||||
## doubtful but okay (c) Oleg Tinkov
|
|
||||||
if [ $(( pow1 - pow2 )) -gt 2 ] ; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
## math hack!
|
|
||||||
if [ ${pow1} -gt 7 ] ; then
|
|
||||||
skew=$(( pow1 - 4 ))
|
|
||||||
pow1=$(( pow1 - skew ))
|
|
||||||
pow2=$(( pow2 - skew ))
|
|
||||||
size1=$(printf '%s' "${size1}" | cut -c 1-${pow1})
|
|
||||||
size2=$(printf '%s' "${size2}" | cut -c 1-${pow2})
|
|
||||||
fi
|
|
||||||
|
|
||||||
ratio=$(( (100 * size2) / size1 ))
|
|
||||||
if [ ${ratio} -ge ${COMPRESS_MIN_RATIO} ] ; then
|
|
||||||
rm -f "$2"
|
|
||||||
else
|
|
||||||
## seems to be excessive
|
|
||||||
: touch -r "$1" -m "$2"
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for i ; do
|
for i ; do
|
||||||
|
Loading…
Reference in New Issue
Block a user