diff --git a/data/Dockerfiles/phpfpm/docker-entrypoint.sh b/data/Dockerfiles/phpfpm/docker-entrypoint.sh index 223c6fe8..3288a9d0 100755 --- a/data/Dockerfiles/phpfpm/docker-entrypoint.sh +++ b/data/Dockerfiles/phpfpm/docker-entrypoint.sh @@ -20,20 +20,7 @@ until [[ $(${REDIS_CMDLINE} PING) == "PONG" ]]; do sleep 2 done -if [[ "${MASTER}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then - echo "We are master, preparing..." -# Set a default release format -if [[ -z $(${REDIS_CMDLINE} --raw GET Q_RELEASE_FORMAT) ]]; then - ${REDIS_CMDLINE} --raw SET Q_RELEASE_FORMAT raw -fi - -# Set max age of q items - if unset -if [[ -z $(${REDIS_CMDLINE} --raw GET Q_MAX_AGE) ]]; then - ${REDIS_CMDLINE} --raw SET Q_MAX_AGE 365 -fi - -# Check mysql_upgrade - +# Check mysql_upgrade (master and slave) CONTAINER_ID= until [[ ! -z "${CONTAINER_ID}" ]] && [[ "${CONTAINER_ID}" =~ ^[[:alnum:]]*$ ]]; do CONTAINER_ID=$(curl --silent --insecure https://dockerapi/containers/json | jq -r ".[] | {name: .Config.Labels[\"com.docker.compose.service\"], id: .Id}" 2> /dev/null | jq -rc "select( .name | tostring | contains(\"mysql-mailcow\")) | .id" 2> /dev/null) @@ -69,7 +56,7 @@ until [[ ${SQL_UPGRADE_STATUS} == 'success' ]]; do fi done -# doing post-installation stuff, if SQL was upgraded +# doing post-installation stuff, if SQL was upgraded (master and slave) if [ ${SQL_CHANGED} -eq 1 ]; then POSTFIX=($(curl --silent --insecure https://dockerapi/containers/json | jq -r '.[] | {name: .Config.Labels["com.docker.compose.service"], id: .Id}' | jq -rc 'select( .name | tostring | contains("postfix-mailcow")) | .id' | tr "\n" " ")) if [[ -z ${POSTFIX} ]]; then @@ -82,7 +69,7 @@ if [ ${SQL_CHANGED} -eq 1 ]; then fi fi -# Check mysql tz import +# Check mysql tz import (master and slave) TZ_CHECK=$(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT CONVERT_TZ('2019-11-02 23:33:00','Europe/Berlin','UTC') AS time;" -BN 2> /dev/null) if [[ -z ${TZ_CHECK} ]] || [[ "${TZ_CHECK}" == "NULL" ]]; then SQL_FULL_TZINFO_IMPORT_RETURN=$(curl --silent --insecure -XPOST https://dockerapi/containers/${CONTAINER_ID}/exec -d '{"cmd":"system", "task":"mysql_tzinfo_to_sql"}' --silent -H 'Content-type: application/json') @@ -90,59 +77,71 @@ if [[ -z ${TZ_CHECK} ]] || [[ "${TZ_CHECK}" == "NULL" ]]; then echo ${SQL_FULL_TZINFO_IMPORT_RETURN} fi -# Trigger db init -echo "Running DB init..." -php -c /usr/local/etc/php -f /web/inc/init_db.inc.php +if [[ "${MASTER}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then + echo "We are master, preparing..." + # Set a default release format + if [[ -z $(${REDIS_CMDLINE} --raw GET Q_RELEASE_FORMAT) ]]; then + ${REDIS_CMDLINE} --raw SET Q_RELEASE_FORMAT raw + fi -# Recreating domain map -echo "Rebuilding domain map in Redis..." -declare -a DOMAIN_ARR - ${REDIS_CMDLINE} DEL DOMAIN_MAP > /dev/null -while read line -do - DOMAIN_ARR+=("$line") -done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain" -Bs) -while read line -do - DOMAIN_ARR+=("$line") -done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT alias_domain FROM alias_domain" -Bs) + # Set max age of q items - if unset + if [[ -z $(${REDIS_CMDLINE} --raw GET Q_MAX_AGE) ]]; then + ${REDIS_CMDLINE} --raw SET Q_MAX_AGE 365 + fi -if [[ ! -z ${DOMAIN_ARR} ]]; then -for domain in "${DOMAIN_ARR[@]}"; do - ${REDIS_CMDLINE} HSET DOMAIN_MAP ${domain} 1 > /dev/null -done -fi + # Trigger db init + echo "Running DB init..." + php -c /usr/local/etc/php -f /web/inc/init_db.inc.php -# Set API options if env vars are not empty -if [[ ${API_ALLOW_FROM} != "invalid" ]] && [[ ! -z ${API_ALLOW_FROM} ]]; then - IFS=',' read -r -a API_ALLOW_FROM_ARR <<< "${API_ALLOW_FROM}" - declare -a VALIDATED_API_ALLOW_FROM_ARR - REGEX_IP6='^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$' - REGEX_IP4='^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' - for IP in "${API_ALLOW_FROM_ARR[@]}"; do - if [[ ${IP} =~ ${REGEX_IP6} ]] || [[ ${IP} =~ ${REGEX_IP4} ]]; then - VALIDATED_API_ALLOW_FROM_ARR+=("${IP}") - fi + # Recreating domain map + echo "Rebuilding domain map in Redis..." + declare -a DOMAIN_ARR + ${REDIS_CMDLINE} DEL DOMAIN_MAP > /dev/null + while read line + do + DOMAIN_ARR+=("$line") + done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain" -Bs) + while read line + do + DOMAIN_ARR+=("$line") + done < <(mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT alias_domain FROM alias_domain" -Bs) + + if [[ ! -z ${DOMAIN_ARR} ]]; then + for domain in "${DOMAIN_ARR[@]}"; do + ${REDIS_CMDLINE} HSET DOMAIN_MAP ${domain} 1 > /dev/null done - VALIDATED_IPS=$(array_by_comma ${VALIDATED_API_ALLOW_FROM_ARR[*]}) - if [[ ! -z ${VALIDATED_IPS} ]]; then - if [[ ${API_KEY} != "invalid" ]] && [[ ! -z ${API_KEY} ]]; then - mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF + fi + + # Set API options if env vars are not empty + if [[ ${API_ALLOW_FROM} != "invalid" ]] && [[ ! -z ${API_ALLOW_FROM} ]]; then + IFS=',' read -r -a API_ALLOW_FROM_ARR <<< "${API_ALLOW_FROM}" + declare -a VALIDATED_API_ALLOW_FROM_ARR + REGEX_IP6='^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$' + REGEX_IP4='^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' + for IP in "${API_ALLOW_FROM_ARR[@]}"; do + if [[ ${IP} =~ ${REGEX_IP6} ]] || [[ ${IP} =~ ${REGEX_IP4} ]]; then + VALIDATED_API_ALLOW_FROM_ARR+=("${IP}") + fi + done + VALIDATED_IPS=$(array_by_comma ${VALIDATED_API_ALLOW_FROM_ARR[*]}) + if [[ ! -z ${VALIDATED_IPS} ]]; then + if [[ ${API_KEY} != "invalid" ]] && [[ ! -z ${API_KEY} ]]; then + mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF DELETE FROM api WHERE access = 'rw'; INSERT INTO api (api_key, active, allow_from, access) VALUES ("${API_KEY}", "1", "${VALIDATED_IPS}", "rw"); EOF - fi - if [[ ${API_KEY_READ_ONLY} != "invalid" ]] && [[ ! -z ${API_KEY_READ_ONLY} ]]; then - mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF + fi + if [[ ${API_KEY_READ_ONLY} != "invalid" ]] && [[ ! -z ${API_KEY_READ_ONLY} ]]; then + mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF DELETE FROM api WHERE access = 'ro'; INSERT INTO api (api_key, active, allow_from, access) VALUES ("${API_KEY_READ_ONLY}", "1", "${VALIDATED_IPS}", "ro"); EOF + fi fi fi -fi -# Create events -mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF + # Create events (master only, STATUS for event on slave will be SLAVESIDE_DISABLED) + mysql --socket=/var/run/mysqld/mysqld.sock -u ${DBUSER} -p${DBPASS} ${DBNAME} << EOF DROP EVENT IF EXISTS clean_spamalias; DELIMITER // CREATE EVENT clean_spamalias diff --git a/docker-compose.yml b/docker-compose.yml index ad758427..f9cdc2c7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -102,7 +102,7 @@ services: - rspamd php-fpm-mailcow: - image: mailcow/phpfpm:1.62 + image: mailcow/phpfpm:1.63 command: "php-fpm -d date.timezone=${TZ} -d expose_php=0" depends_on: - redis-mailcow