Adds entrypoint (#6)

#### 📖 Summary - Adds docker entrypoint bash script. #### 📑 Test Plan > 💡 Select your test plan for the code changes. - [x] CI pipeline tests - [ ] Custom test - [ ] No test plan ##### Details / Justification  #### 📚 Additional Notes  Co-authored-by: OCram85 <marco.blessing@googlemail.com> Reviewed-on: #6
2023-07-12 10:55:59 +02:00 · 2023-07-12 10:55:59 +02:00 · e1bec95c9d
commit e1bec95c9d
parent 81738ff2f4
4 changed files with 117 additions and 59 deletions
--- a/.gitea/workflows/test.yaml.disabled
+++ b/.gitea/workflows/test.yaml.disabled
--- a/49
+++ b/49
@ -1,6 +1,6 @@
 FROM alpine:3.18.2

-#LABEL build_version=""
+# Set labels manually, each build service differs in used or predefined labels.
 LABEL maintainer="OCram85"
 ARG VERSION
 LABEL build_version="${VERSION}"
@ -17,8 +17,7 @@ LABEL org.opencontainers.image.url="https://gitea.ocram85.com/OCram85/swarmproxy
 LABEL org.opencontainers.image.source="https://gitea.ocram85.com/OCram85/swarmproxy.git"
 LABEL org.opencontainers.image.documentation="https://gitea.ocram85.com/OCram85/swarmproxy"

-# Use a custom UID/GID instead of the default system UID which has a greater possibility
-# for collisions with the host and other containers.
+# Use a individual user and group ip for files and process
 ENV TINYPROXY_UID 5123
 ENV TINYPROXY_GID 5123

@ -28,46 +27,24 @@ ENV PORT "8888"
 ENV TIMEOUT "600"
 ENV LOGLEVEL "Info"
 ENV MAXCLIENTS "600"
-ENV FILTER_FILE "/etc/tinyproxy/filter"
+ENV FILTER_FILE "/app/filter"

-# Curl is for healthchecks.
+
+# get existing packages
+# curl for healthchecks and debugging
 RUN apk add --no-cache \
      tinyproxy curl

-RUN mv /etc/tinyproxy/tinyproxy.conf /etc/tinyproxy/tinyproxy.default.conf
+COPY entrypoint.sh /app/entrypoint.sh

-RUN <<EOF cat >> /etc/tinyproxy/tinyproxy.conf
-User $TINYPROXY_UID
-Group $TINYPROXY_GID
-Port $PORT
-Timeout $TIMEOUT
-DefaultErrorFile "/usr/share/tinyproxy/default.html"
+RUN touch /app/proxy.conf && \
+  chmod +x /app/entrypoint.sh && \
+  chown -R ${TINYPROXY_UID}:${TINYPROXY_GID} /app /etc/tinyproxy /var/log/tinyproxy

-StatHost "tinyproxy.stats"
-StatFile "/usr/share/tinyproxy/stats.html"
-
-LogLevel $LOGLEVEL
-MaxClients $MAXCLIENTS
-ViaProxyName "tinyproxy"
-
-Filter "$FILTER_FILE"
-FilterURLs Off
-FilterCaseSensitive Off
-FilterDefaultDeny Yes
-
-Allow 127.0.0.1/8
-Allow 10.0.0.0/8
-
-EOF
-
-RUN set -eu && \
-  CONFIG='/etc/tinyproxy/tinyproxy.conf' && \
-  [ -z "$UPSTREAM_PROXY_FILE" ] || export UPSTREAM_PROXY=$(cat $UPSTREAM_PROXY_FILE) && \
-  [ -z "$UPSTREAM_PROXY" ] || echo "upstream http $UPSTREAM_PROXY \".\"" >> "$CONFIG"
-
-RUN chown -R ${TINYPROXY_UID}:${TINYPROXY_GID} /etc/tinyproxy /var/log/tinyproxy
 USER ${TINYPROXY_UID}:${TINYPROXY_GID}
+WORKDIR /app

 EXPOSE 8888

-ENTRYPOINT ["/usr/bin/tinyproxy", "-d"]
+ENTRYPOINT ["/app/entrypoint.sh"]
+CMD ["-c", "/app/proxy.conf", "-d"]
--- a/README.md
+++ b/README.md
@ -13,7 +13,7 @@
 </p>

 <h1 align="center">
-  swarmproxy
+  Swarmproxy - Tame your traffic
 </h1>

 <p align="center">
@ -26,10 +26,9 @@

 ### 1. ⚡ Get the image 📦

-You can download the image from the gitea embedded container registry: `gitea.ocram85.com/ocram85/swarmproxy` with these tags:
+You can download the image from the Gitea embedded container registry: `gitea.ocram85.com/ocram85/swarmproxy` with these tags:

- `latest` - Is based on the lasted master branch commit.
- `next` - Is a test build based on the pull request
+- `latest`, `main` - Is based on the lasted master branch commit.
 - `1`, `0.1`, `0.1.0` - tag based version.

 > **💡 NOTE: See the [packages page](https://gitea.ocram85.com/OCram85/-/packages/container/swarmproxy/latest) for latest version and all other available tags.**
@ -39,43 +38,58 @@ You can download the image from the gitea embedded container registry: `gitea.oc
 ```yaml
 version: "3.8"

-secrets:
-  upstream-proxy:
-    external: true
+networks:
+  egress:
+   attachable: true
+   #external: true
+
+#configs:
+#  filter_file:
+#    # config can be predefined / external or loaded from file
+#    #external: true
+#    file: ./filter.txt
+
+#secrets:
+#  upstream-proxy:
+#    external: true

 services:
  swarmproxy:
    image: gitea.ocram85.com/OCram85/swarmproxy:latest
+    deploy:
+      replicas: 1
+    #secrets:
+    #  - upstream-proxy
    environment:
-      # mandatory environment variables
-      - UPSTREAM_PROXY=
+      # Recommended settings
+      # Use an optional upstream proxy
+      #- UPSTREAM_PROXY=
      # Set UPSTREAM_PROXY as docker secret if your upstream needs authentication
      # Eg.: http://user:password@upstream.intra:3128
      #- UPSTREAM_PROXY_FILE=/run/secrets/UPSTREAM_PROXY

-      # optional settings
+      # OPTIONAL config keys
      #- TINYPROXY_UID=5123
      #- TINYPROXY_GID=5123
      #- PORT=8888
      #- TIMEOUT=600
      #- LOGLEVEL=Info
      #- MAXCLIENTS=600
-      #- FILTER_FILE=/ety/tinyproxy/filter
-    deploy:
-      replicas: 1
+      #- FILTER_FILE=/app/filter
    volumes:
-      # mount a single file into the container if you need the modify it afterwards
-      # You can reload the file with `kill -s USR1 $(pidof tinyproxy)`
-      - ./filter.txt:/etc/tinyproxy/filter:ro
-      # Use a docker config or volume in production
-      - 
+      # You can mount a single filter file into the container.
+      # To reload the file use the docker kill -s USR1 <container_id| container_name> command.
+      - ./filter.txt:/app/filter:ro
+    configs:
+      - source: filter_file
+        target: /app/filter
    networks:
-      - egress
-
-networks:
      egress:
-   attachable: true
-   #external: true
+        aliases:
+          - swarmproxy
+          - proxy
+
+
 ```

 ## 😡 We're Using GitHub Under Protest
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,67 @@
+#!/usr/bin/env sh
+
+set -e
+
+CONFIG="/app/proxy.conf"
+
+function writeConfig() {
+    cat << EOF >> "$CONFIG"
+User $TINYPROXY_UID
+Group $TINYPROXY_GID
+Port $PORT
+Timeout $TIMEOUT
+DefaultErrorFile "/usr/share/tinyproxy/default.html"
+
+StatHost "tinyproxy.stats"
+StatFile "/usr/share/tinyproxy/stats.html"
+
+LogLevel $LOGLEVEL
+MaxClients $MAXCLIENTS
+ViaProxyName "Swarmproxy"
+
+Allow 127.0.0.1/8
+Allow 10.0.0.0/8
+
+EOF
+}
+
+function addUpstreamConfig() {
+  [ -z "$UPSTREAM_PROXY_FILE" ] || export UPSTREAM_PROXY=$(cat $UPSTREAM_PROXY_FILE)
+  [ -z "$UPSTREAM_PROXY" ] || echo "upstream http $UPSTREAM_PROXY \".\"" >> "$CONFIG"
+}
+
+function addFilterConfig() {
+  if [ -f "$FILTER_FILE" ]; then
+    cat << FBLOCK >> "$CONFIG"
+Filter "$FILTER_FILE"
+FilterURLs Off
+FilterCaseSensitive Off
+FilterDefaultDeny Yes
+FBLOCK
+  else
+    echo "🦁 FILTER_FILE not found or set."
+  fi
+}
+
+function showConfig() {
+  echo "🦁 Final Swarmproxy config 🦁"
+  cat "$CONFIG"
+}
+
+function execTinyproxy() {
+  echo "🦁 Starting Tinyproxy..."
+  echo "args count: $#"
+  echo "args value: $@"
+  exec "/usr/bin/tinyproxy" "$@"
+}
+
+function main() {
+  writeConfig
+  addUpstreamConfig
+  addFilterConfig
+  showConfig
+  execTinyproxy $@
+}
+
+main $@
+echo "entrypoint end. 🚀"