diff --git a/Dockerfile b/Dockerfile index c9ca77f..804e286 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,16 @@ -FROM binhex/arch-int-vpn:latest +FROM binhex/arch-int-vpn::latest LABEL org.opencontainers.image.authors = "binhex" LABEL org.opencontainers.image.source = "https://github.com/binhex/arch-qbittorrentvpn" +ARG TARGETARCH # additional files ################## # add supervisor conf file for app -ADD build/*.conf /etc/supervisor/conf.d/ +ADD ${TARGETARCH}/build/*.conf /etc/supervisor/conf.d/ # add bash scripts to install app -ADD build/root/*.sh /root/ +ADD ${TARGETARCH}/build/root/*.sh /root/ # get release tag name from build arg ARG release_tag_name @@ -43,4 +44,4 @@ EXPOSE 8118 ################# # run script to set uid, gid and permissions -CMD ["/bin/bash", "/usr/local/bin/init.sh"] \ No newline at end of file +CMD ["/bin/bash", "/usr/local/bin/init.sh"] diff --git a/build/qbittorrent.conf b/amd64/build/qbittorrent.conf similarity index 100% rename from build/qbittorrent.conf rename to amd64/build/qbittorrent.conf diff --git a/build/root/install.sh b/amd64/build/root/install.sh similarity index 100% rename from build/root/install.sh rename to amd64/build/root/install.sh diff --git a/arm64/build/qbittorrent.conf b/arm64/build/qbittorrent.conf new file mode 100644 index 0000000..694b5ba --- /dev/null +++ b/arm64/build/qbittorrent.conf @@ -0,0 +1,15 @@ +[program:start-script] +autorestart = false +startsecs = 0 +user = root +command = /root/start.sh +umask = 000 + +[program:watchdog-script] +autorestart = false +startsecs = 0 +user = nobody +command = /home/nobody/watchdog.sh +umask = 000 + + diff --git a/arm64/build/root/install.sh b/arm64/build/root/install.sh new file mode 100644 index 0000000..241d4c4 --- /dev/null +++ b/arm64/build/root/install.sh @@ -0,0 +1,147 @@ +#!/bin/bash + +# exit script if return code != 0 +set -e + +# release tag name from build arg, stripped of build ver using string manipulation +release_tag_name="${1//-[0-9][0-9]/}" + +# note do NOT download build scripts - inherited from int script with envvars common defined + +# detect image arch +#### + +OS_ARCH=$(cat /etc/os-release | grep -P -o -m 1 "(?=^ID\=).*" | grep -P -o -m 1 "[a-z]+$") +if [[ ! -z "${OS_ARCH}" ]]; then + if [[ "${OS_ARCH}" == "arch" ]]; then + OS_ARCH="x86-64" + else + OS_ARCH="aarch64" + fi + echo "[info] OS_ARCH defined as '${OS_ARCH}'" +else + echo "[warn] Unable to identify OS_ARCH, defaulting to 'x86-64'" + OS_ARCH="x86-64" +fi + +# pacman packages +#### + +# hack - needs rsync for reflector +pacman -S rsync --noconfirm + +# call pacman db and package updater script https://github.com/binhex/scripts/blob/master/shell/arch/docker/upd.sh +# Does not work as reflector is not available for arm64 +# source upd.sh +# update packages without updating mirrorlist +pacman -Syyu --overwrite /usr/lib\*/p11-kit-trust.so --noconfirm + +# define pacman packages +pacman_packages="qbittorrent-nox python geoip" + +# install compiled packages using pacman +if [[ ! -z "${pacman_packages}" ]]; then + pacman -S --needed $pacman_packages --noconfirm +fi + +# aur packages +#### + +# define aur packages +aur_packages="" + +# call aur install script (arch user repo) - note true required due to autodl-irssi error during install +source aur.sh + +# custom +#### + +# this is a (temporary?) hack to prevent the error '/usr/bin/qbittorrent-nox: +# error while loading shared libraries: libQt5Core.so.5: cannot open shared +# object file: No such file or directory.' when running this container on +# hosts with older kernels (centos, mac os). alternative workaround to this +# is for the user to upgrade the kernel on their host. +#pacman -S binutils --needed --noconfirm +#strip --remove-section=.note.ABI-tag /usr/lib64/libQt5Core.so.5 + +# container perms +#### + +# define comma separated list of paths +install_paths="/etc/privoxy,/home/nobody" + +# split comma separated string into list for install paths +IFS=',' read -ra install_paths_list <<< "${install_paths}" + +# process install paths in the list +for i in "${install_paths_list[@]}"; do + + # confirm path(s) exist, if not then exit + if [[ ! -d "${i}" ]]; then + echo "[crit] Path '${i}' does not exist, exiting build process..." ; exit 1 + fi + +done + +# convert comma separated string of install paths to space separated, required for chmod/chown processing +install_paths=$(echo "${install_paths}" | tr ',' ' ') + +# set permissions for container during build - Do NOT double quote variable for install_paths otherwise this will wrap space separated paths as a single string +chmod -R 775 ${install_paths} + +# create file with contents of here doc, note EOF is NOT quoted to allow us to expand current variable 'install_paths' +# we use escaping to prevent variable expansion for PUID and PGID, as we want these expanded at runtime of init.sh +cat < /tmp/permissions_heredoc + +# get previous puid/pgid (if first run then will be empty string) +previous_puid=\$(cat "/root/puid" 2>/dev/null || true) +previous_pgid=\$(cat "/root/pgid" 2>/dev/null || true) + +# if first run (no puid or pgid files in /tmp) or the PUID or PGID env vars are different +# from the previous run then re-apply chown with current PUID and PGID values. +if [[ ! -f "/root/puid" || ! -f "/root/pgid" || "\${previous_puid}" != "\${PUID}" || "\${previous_pgid}" != "\${PGID}" ]]; then + + # set permissions inside container - Do NOT double quote variable for install_paths otherwise this will wrap space separated paths as a single string + chown -R "\${PUID}":"\${PGID}" ${install_paths} + +fi + +# write out current PUID and PGID to files in /root (used to compare on next run) +echo "\${PUID}" > /root/puid +echo "\${PGID}" > /root/pgid + +EOF + +# replace permissions placeholder string with contents of file (here doc) +sed -i '/# PERMISSIONS_PLACEHOLDER/{ + s/# PERMISSIONS_PLACEHOLDER//g + r /tmp/permissions_heredoc +}' /usr/local/bin/init.sh +rm /tmp/permissions_heredoc + +# env vars +#### + +cat <<'EOF' > /tmp/envvars_heredoc + +export WEBUI_PORT=$(echo "${WEBUI_PORT}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~') +if [[ ! -z "${WEBUI_PORT}" ]]; then + echo "[info] WEBUI_PORT defined as '${WEBUI_PORT}'" | ts '%Y-%m-%d %H:%M:%.S' +else + echo "[warn] WEBUI_PORT not defined (via -e WEBUI_PORT), defaulting to '8080'" | ts '%Y-%m-%d %H:%M:%.S' + export WEBUI_PORT="8080" +fi + +export APPLICATION="qbittorrent" + +EOF + +# replace env vars placeholder string with contents of file (here doc) +sed -i '/# ENVVARS_PLACEHOLDER/{ + s/# ENVVARS_PLACEHOLDER//g + r /tmp/envvars_heredoc +}' /usr/local/bin/init.sh +rm /tmp/envvars_heredoc + +# cleanup +cleanup.sh