#!/usr/bin/env bash source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/config" set -eo pipefail [[ $DOKKU_TRACE ]] && set -x source "$PLUGIN_CORE_AVAILABLE_PATH/common/property-functions" source "$PLUGIN_AVAILABLE_PATH/config/functions" add_to_links_file() { declare desc="add an app to the service link file" declare SERVICE="$1" APP="$2" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local LINKS_FILE="$SERVICE_ROOT/LINKS" touch "$LINKS_FILE" sed -i.bak "/^$APP\$/d" "$LINKS_FILE" && rm "$LINKS_FILE.bak" echo "$APP" >>"$LINKS_FILE" sort "$LINKS_FILE" -u -o "$LINKS_FILE" } auth_service_filter() { declare desc="calls user-service plugin trigger" declare SERVICES=("$@") local user_auth_count if [[ "${#SERVICES[@]}" -eq 0 ]]; then return fi user_auth_count="$(find "$PLUGIN_PATH"/enabled/*/user-auth-service 2>/dev/null | wc -l)" # no plugin trigger exists if [[ $user_auth_count == 0 ]]; then # echo out all the services since there is no plugin trigger for SERVICE in "${SERVICES[@]}"; do [[ -n "$SERVICE" ]] && echo "$SERVICE" done return 0 fi # this plugin trigger exists in the core `20_events` plugin if [[ "$user_auth_count" == 1 ]] && [[ -f "$PLUGIN_PATH"/enabled/20_events/user-auth-service ]]; then # echo out all the services since there is no valid plugin trigger for SERVICE in "${SERVICES[@]}"; do [[ -n "$SERVICE" ]] && echo "$SERVICE" done return 0 fi export SSH_USER=${SSH_USER:=$USER} export SSH_NAME=${NAME:="default"} # the output of this trigger should be all the services a user has access to plugn trigger user-auth-service "$SSH_USER" "$SSH_NAME" "$PLUGIN_COMMAND_PREFIX" "${SERVICES[@]}" } fn-services-list() { declare desc="prints a filtered list of all local apps" declare FILTER="$1" local services=() pushd "$PLUGIN_DATA_ROOT" >/dev/null for f in *; do [[ -d $f ]] || continue services+=("$f") done popd >/dev/null 2>&1 || pushd "/tmp" >/dev/null if [[ "${#services[@]}" -eq 0 ]]; then return fi if [[ "$FILTER" == "false" ]]; then for service in "${services[@]}"; do if [[ -n "$service" ]]; then echo "$service" fi done return fi for service in $(auth_service_filter "${services[@]}" 2>/dev/null); do if [[ -n "$service" ]]; then echo "$service" fi done } docker_ports_options() { declare desc="export a list of exposed ports" declare PORTS=("$@") for ((i = 0; i < ${#PLUGIN_DATASTORE_PORTS[@]}; i++)); do echo -n "-p ${PORTS[i]}:${PLUGIN_DATASTORE_PORTS[i]} " done } get_container_ip() { declare desc="retrieve the ip address of a container" declare CONTAINER_ID="$1" "$DOCKER_BIN" container inspect --format '{{ .NetworkSettings.IPAddress }}' "$CONTAINER_ID" 2>/dev/null } get_database_name() { declare desc="retrieve a sanitized database name" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" if [[ ! -f "$SERVICE_ROOT/DATABASE_NAME" ]]; then echo "$SERVICE" >"$SERVICE_ROOT/DATABASE_NAME" fi cat "$SERVICE_ROOT/DATABASE_NAME" } get_random_ports() { declare desc="retrieve N random ports" declare iterations="${1:-1}" for ((i = 0; i < iterations; i++)); do local port=$RANDOM local quit=0 while [ "$quit" -ne 1 ]; do netstat -an | grep $port >/dev/null # shellcheck disable=SC2181 if [ $? -gt 0 ]; then quit=1 else port=$((port + 1)) fi done echo $port done } get_service_name() { declare desc="retrieve a docker service label" declare SERVICE="$1" echo "dokku.${PLUGIN_COMMAND_PREFIX}.$SERVICE" } get_url_from_config() { declare desc="retrieve a given _URL from a list of configuration variables" declare EXISTING_CONFIG="$1" CONFIG_VAR="$2" echo "$EXISTING_CONFIG" | grep "$CONFIG_VAR" | sed "s/$CONFIG_VAR:\s*//" | xargs } in_links_file() { declare desc="check if a service LINKS file contains an app" declare SERVICE="$1" APP="$2" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local LINKS_FILE="$SERVICE_ROOT/LINKS" grep -qE "^$APP\$" "$LINKS_FILE" } is_container_status() { declare desc="return 0 or 1 depending upon whether a given container has a certain status" declare CID="$1" STATUS="$2" local TEMPLATE="{{.State.$STATUS}}" local CONTAINER_STATUS=$("$DOCKER_BIN" container inspect -f "$TEMPLATE" "$CID" 2>/dev/null || true) if [[ "$CONTAINER_STATUS" == "true" ]]; then return 0 fi return 1 } is_implemented_command() { declare desc="return true if value ($1) is in list (all other arguments)" declare CMD="$1" CMD="$(echo "$CMD" | cut -d ':' -f2)" if [[ ${#PLUGIN_UNIMPLEMENTED_SUBCOMMANDS[@]} -eq 0 ]]; then return 0 fi local e for e in "${PLUGIN_UNIMPLEMENTED_SUBCOMMANDS[@]}"; do [[ "$e" == "$CMD" ]] && return 1 done return 0 } is_valid_service_name() { declare desc="validate a service name" declare SERVICE="$1" [[ -z "$SERVICE" ]] && return 1 if [[ "$SERVICE" =~ ^[A-Za-z0-9_-]+$ ]]; then return 0 fi return 1 } remove_from_links_file() { declare desc="remove an app from the service link file" declare SERVICE="$1" APP="$2" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local LINKS_FILE="$SERVICE_ROOT/LINKS" if [[ ! -f "$LINKS_FILE" ]]; then return fi sed -i.bak "/^$APP\$/d" "$LINKS_FILE" && rm "$LINKS_FILE.bak" sort "$LINKS_FILE" -u -o "$LINKS_FILE" } retry-docker-command() { local ID="$1" COMMAND="$2" local i=0 success=false until [ $i -ge 100 ]; do set +e suppress_output "$DOCKER_BIN" container exec "$ID" sh -c "$COMMAND" exit_code=$? set -e if [[ "$exit_code" == 0 ]]; then success=true break fi i=$((i + 1)) sleep 1 done if [[ $i -gt 0 ]]; then dokku_log_verbose "Container command retried ${i} time(s): ${COMMAND}" fi [[ "$success" == "true" ]] || dokku_log_fail "Failed to run command: ${COMMAND}" } service_alternative_alias() { declare desc="retrieve an alternative alias for a service" declare EXISTING_CONFIG="$1" local COLORS=(AQUA BLACK BLUE FUCHSIA GRAY GREEN LIME MAROON NAVY OLIVE PURPLE RED SILVER TEAL WHITE YELLOW) local ALIAS for COLOR in "${COLORS[@]}"; do ALIAS="${PLUGIN_ALT_ALIAS}_${COLOR}" local IN_USE=$(echo "$EXISTING_CONFIG" | grep "${ALIAS}_URL") if [[ -z "$IN_USE" ]]; then break fi unset ALIAS done echo "$ALIAS" } service_app_links() { declare desc="output all service links for a given app" declare APP="$1" local LINKED_APP SERVICE SERVICE_ROOT for SERVICE in $(fn-services-list true); do [[ -n "$SERVICE" ]] || continue SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" [[ -f "$SERVICE_ROOT/LINKS" ]] || continue for LINKED_APP in $(<"$SERVICE_ROOT/LINKS"); do if [[ "$LINKED_APP" == "$APP" ]]; then echo "$SERVICE" fi done done } service_backup() { declare desc="create a backup of a service to an existing s3 bucket" declare SERVICE="$1" BUCKET_NAME="$2" USE_IAM_OPTIONAL_FLAG="$3" local SERVICE_BACKUP_ROOT="$PLUGIN_DATA_ROOT/$SERVICE/backup" local BACKUP_ENCRYPTION_CONFIG_ROOT="$PLUGIN_DATA_ROOT/$SERVICE/backup-encryption" local AWS_ACCESS_KEY_ID_FILE="$SERVICE_BACKUP_ROOT/AWS_ACCESS_KEY_ID" local AWS_SECRET_ACCESS_KEY_FILE="$SERVICE_BACKUP_ROOT/AWS_SECRET_ACCESS_KEY" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local ID="$(cat "$SERVICE_ROOT/ID")" local BACKUP_PARAMETERS="" if [[ -z "$USE_IAM_OPTIONAL_FLAG" ]]; then [[ ! -f "$AWS_ACCESS_KEY_ID_FILE" ]] && dokku_log_fail "Missing AWS_ACCESS_KEY_ID file" [[ ! -f "$AWS_SECRET_ACCESS_KEY_FILE" ]] && dokku_log_fail "Missing AWS_SECRET_ACCESS_KEY file" BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_ACCESS_KEY_ID=$(cat "$AWS_ACCESS_KEY_ID_FILE") -e AWS_SECRET_ACCESS_KEY=$(cat "$AWS_SECRET_ACCESS_KEY_FILE")" elif [[ "$USE_IAM_OPTIONAL_FLAG" != "--use-iam" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "-u" ]]; then dokku_log_fail "Provide AWS credentials or use the --use-iam flag" fi BACKUP_TMPDIR=$(mktemp -d --tmpdir) trap 'rm -rf "$BACKUP_TMPDIR" > /dev/null' RETURN INT TERM EXIT "$DOCKER_BIN" container inspect "$ID" >/dev/null 2>&1 || dokku_log_fail "Service container does not exist" is_container_status "$ID" "Running" || dokku_log_fail "Service container is not running" (service_export "$SERVICE" >"${BACKUP_TMPDIR}/export") # Build parameter list for s3backup tool BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e BUCKET_NAME=$BUCKET_NAME" BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e BACKUP_NAME=${PLUGIN_COMMAND_PREFIX}-${SERVICE}" BACKUP_PARAMETERS="$BACKUP_PARAMETERS -v ${BACKUP_TMPDIR}:/backup" if [[ -f "$SERVICE_BACKUP_ROOT/AWS_DEFAULT_REGION" ]]; then BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_DEFAULT_REGION=$(cat "$SERVICE_BACKUP_ROOT/AWS_DEFAULT_REGION")" fi if [[ -f "$SERVICE_BACKUP_ROOT/AWS_SIGNATURE_VERSION" ]]; then BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e AWS_SIGNATURE_VERSION=$(cat "$SERVICE_BACKUP_ROOT/AWS_SIGNATURE_VERSION")" fi if [[ -f "$SERVICE_BACKUP_ROOT/ENDPOINT_URL" ]]; then BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e ENDPOINT_URL=$(cat "$SERVICE_BACKUP_ROOT/ENDPOINT_URL")" fi if [[ -f "$BACKUP_ENCRYPTION_CONFIG_ROOT/ENCRYPTION_KEY" ]]; then BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e ENCRYPTION_KEY=$(cat "$BACKUP_ENCRYPTION_CONFIG_ROOT/ENCRYPTION_KEY")" fi if [[ -f "$BACKUP_ENCRYPTION_CONFIG_ROOT/ENCRYPT_WITH_PUBLIC_KEY_ID" ]]; then BACKUP_PARAMETERS="$BACKUP_PARAMETERS -e ENCRYPT_WITH_PUBLIC_KEY_ID=$(cat "$BACKUP_ENCRYPTION_CONFIG_ROOT/ENCRYPT_WITH_PUBLIC_KEY_ID")" fi # shellcheck disable=SC2086 "$DOCKER_BIN" container run --rm $BACKUP_PARAMETERS "$PLUGIN_S3BACKUP_IMAGE" } service_commit_config() { declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local CONFIG_VARIABLE="${PLUGIN_VARIABLE}_CONFIG_OPTIONS" local ENV_VARIABLE="${PLUGIN_VARIABLE}_CUSTOM_ENV" custom_env="${!ENV_VARIABLE}" [[ -n "$SERVICE_CUSTOM_ENV" ]] && custom_env="$SERVICE_CUSTOM_ENV" if [[ -n $custom_env ]]; then echo "$custom_env" | tr ';' "\n" >"$SERVICE_ROOT/ENV" else echo "" >"$SERVICE_ROOT/ENV" fi config_options="${!CONFIG_VARIABLE}" [[ -n "$PLUGIN_CONFIG_OPTIONS" ]] && config_options="$PLUGIN_CONFIG_OPTIONS" if [[ -n "$config_options" ]]; then echo "$config_options" >"$SERVICE_ROOT/CONFIG_OPTIONS" else echo "" >"$SERVICE_ROOT/CONFIG_OPTIONS" fi if [[ -n "$SERVICE_MEMORY" ]]; then echo "$SERVICE_MEMORY" >"$SERVICE_ROOT/SERVICE_MEMORY" fi if [[ -n "$SERVICE_SHM_SIZE" ]]; then echo "$SERVICE_SHM_SIZE" >"$SERVICE_ROOT/SHM_SIZE" fi if [[ -n "$PLUGIN_IMAGE" ]]; then echo "$PLUGIN_IMAGE" >"$SERVICE_ROOT/IMAGE" fi if [[ -n "$PLUGIN_IMAGE_VERSION" ]]; then echo "$PLUGIN_IMAGE_VERSION" >"$SERVICE_ROOT/IMAGE_VERSION" fi if [[ -n "$SERVICE_INITIAL_NETWORK" ]]; then fn-plugin-property-write "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "initial-network" "$SERVICE_INITIAL_NETWORK" fi if [[ -n "$SERVICE_POST_CREATE_NETWORK" ]]; then fn-plugin-property-write "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "post-create-network" "$SERVICE_POST_CREATE_NETWORK" fi if [[ -n "$SERVICE_POST_START_NETWORK" ]]; then fn-plugin-property-write "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "post-start-network" "$SERVICE_POST_START_NETWORK" fi } service_backup_auth() { declare desc="set up authentication" declare SERVICE="$1" AWS_ACCESS_KEY_ID="$2" AWS_SECRET_ACCESS_KEY="$3" AWS_DEFAULT_REGION="$4" AWS_SIGNATURE_VERSION="$5" ENDPOINT_URL="$6" local SERVICE_BACKUP_ROOT="$PLUGIN_DATA_ROOT/$SERVICE/backup" mkdir "$SERVICE_BACKUP_ROOT" echo "$AWS_ACCESS_KEY_ID" >"$SERVICE_BACKUP_ROOT/AWS_ACCESS_KEY_ID" echo "$AWS_SECRET_ACCESS_KEY" >"$SERVICE_BACKUP_ROOT/AWS_SECRET_ACCESS_KEY" if [[ -n "$AWS_DEFAULT_REGION" ]]; then echo "$AWS_DEFAULT_REGION" >"$SERVICE_BACKUP_ROOT/AWS_DEFAULT_REGION" fi if [[ -n "$AWS_SIGNATURE_VERSION" ]]; then echo "$AWS_SIGNATURE_VERSION" >"$SERVICE_BACKUP_ROOT/AWS_SIGNATURE_VERSION" fi if [[ -n "$ENDPOINT_URL" ]]; then echo "$ENDPOINT_URL" >"$SERVICE_BACKUP_ROOT/ENDPOINT_URL" fi } service_backup_deauth() { declare desc="remove authentication" declare SERVICE="$1" local SERVICE_ROOT="${PLUGIN_DATA_ROOT}/${SERVICE}" local SERVICE_BACKUP_ROOT="${SERVICE_ROOT}/backup/" rm -rf "$SERVICE_BACKUP_ROOT" } service_backup_schedule() { declare desc="schedules a backup of the service" declare SERVICE="$1" SCHEDULE="$2" BUCKET_NAME="$3" USE_IAM_OPTIONAL_FLAG="$4" local DOKKU_BIN="$(which dokku)" local CRON_FILE="/etc/cron.d/dokku-${PLUGIN_COMMAND_PREFIX}-${SERVICE}" local TMP_CRON_FILE="${PLUGIN_DATA_ROOT}/.TMP_CRON_FILE" if [[ -n "$USE_IAM_OPTIONAL_FLAG" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "--use-iam" ]] && [[ "$USE_IAM_OPTIONAL_FLAG" != "-u" ]]; then dokku_log_fail "Invalid flag provided, only '--use-iam' allowed" fi echo "${SCHEDULE} dokku ${DOKKU_BIN} ${PLUGIN_COMMAND_PREFIX}:backup ${SERVICE} ${BUCKET_NAME} ${USE_IAM_OPTIONAL_FLAG}" >"$TMP_CRON_FILE" sudo /bin/mv "$TMP_CRON_FILE" "$CRON_FILE" sudo /bin/chown root:root "$CRON_FILE" sudo /bin/chmod 644 "$CRON_FILE" } service_backup_schedule_cat() { declare desc="cat the contents of the configured backup cronfile for the service" declare SERVICE="$1" local CRON_FILE="/etc/cron.d/dokku-${PLUGIN_COMMAND_PREFIX}-${SERVICE}" if [[ ! -f "$CRON_FILE" ]]; then dokku_log_fail "There is no scheduled backup for ${SERVICE}." fi cat "$CRON_FILE" } service_backup_set_encryption() { declare desc="set up backup encryption" declare SERVICE="$1" ENCRYPTION_KEY="$2" local SERVICE_ROOT="${PLUGIN_DATA_ROOT}/${SERVICE}" local SERVICE_BACKUP_ENCRYPTION_ROOT="${SERVICE_ROOT}/backup-encryption/" mkdir "$SERVICE_BACKUP_ENCRYPTION_ROOT" echo "$ENCRYPTION_KEY" >"${SERVICE_BACKUP_ENCRYPTION_ROOT}/ENCRYPTION_KEY" } service_backup_set_public_key_encryption() { declare desc="set up backup GPG Public Key encryption" declare SERVICE="$1" ENCRYPT_WITH_PUBLIC_KEY_ID="$2" local SERVICE_ROOT="${PLUGIN_DATA_ROOT}/${SERVICE}" local SERVICE_BACKUP_ENCRYPTION_ROOT="${SERVICE_ROOT}/backup-encryption/" mkdir "$SERVICE_BACKUP_ENCRYPTION_ROOT" echo "$ENCRYPT_WITH_PUBLIC_KEY_ID" >"${SERVICE_BACKUP_ENCRYPTION_ROOT}/ENCRYPT_WITH_PUBLIC_KEY_ID" } service_backup_unschedule() { declare desc="unschedule the backup of the service" declare SERVICE="$1" local CRON_FILE="/etc/cron.d/dokku-${PLUGIN_COMMAND_PREFIX}-${SERVICE}" sudo /bin/rm -f "$CRON_FILE" } service_backup_unset_encryption() { declare desc="remove backup encryption" declare SERVICE="$1" local SERVICE_ROOT="${PLUGIN_DATA_ROOT}/${SERVICE}" local SERVICE_BACKUP_ENCRYPTION_ROOT="${SERVICE_ROOT}/backup-encryption/" rm -rf "$SERVICE_BACKUP_ENCRYPTION_ROOT" } service_backup_unset_encryption() { declare desc="remove backup encryption" declare SERVICE="$1" local SERVICE_ROOT="${PLUGIN_DATA_ROOT}/${SERVICE}" local SERVICE_BACKUP_ENCRYPTION_ROOT="${SERVICE_ROOT}/backup-encryption/" rm -rf "$SERVICE_BACKUP_ENCRYPTION_ROOT" } service_container_rm() { declare desc="stop a service and remove the running container" declare SERVICE="$1" local SERVICE_NAME="$(get_service_name "$SERVICE")" local ID service_pause "$SERVICE" ID=$("$DOCKER_BIN" container ps -aq --no-trunc --filter "name=^/$SERVICE_NAME$") || true # this may be 'true' in tests... if [[ -z "$ID" ]] || [[ "$ID" == "true" ]]; then return 0 fi dokku_log_verbose_quiet "Removing container" "$DOCKER_BIN" container update --restart=no "$SERVICE_NAME" >/dev/null 2>&1 if ! "$DOCKER_BIN" container rm "$SERVICE_NAME" >/dev/null 2>&1; then dokku_log_fail "Unable to remove container for service $SERVICE" fi } service_dns_hostname() { declare desc="retrieve the alias of a service" declare SERVICE="$1" local SERVICE_NAME="$(get_service_name "$SERVICE")" echo "$SERVICE_NAME" | tr ._ - } service_enter() { declare desc="enter running app container of specified proc type" declare SERVICE="$1" && shift 1 local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local ID="$(cat "$SERVICE_ROOT/ID")" "$DOCKER_BIN" container inspect "$ID" >/dev/null 2>&1 || dokku_log_fail "Service container does not exist" is_container_status "$ID" "Running" || dokku_log_fail "Service container is not running" local EXEC_CMD="" has_tty && local DOKKU_RUN_OPTS+=" -i -t" # shellcheck disable=SC2086 "$DOCKER_BIN" container exec $DOKKU_RUN_OPTS $ID $EXEC_CMD "${@:-/bin/bash}" } service_exists() { declare desc="returns 0 or 1 depending on whether service exists or not" declare SERVICE="$1" [[ -z "$SERVICE" ]] && return 1 [[ -d "$PLUGIN_DATA_ROOT/$SERVICE" ]] && return 0 return 1 } service_exposed_ports() { declare desc="list exposed ports for a service" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local PORT_FILE="$SERVICE_ROOT/PORT" [[ ! -f $PORT_FILE ]] && echo '-' && return 0 local PORTS=($(cat "$PORT_FILE")) for ((i = 0; i < ${#PLUGIN_DATASTORE_PORTS[@]}; i++)); do echo -n "${PLUGIN_DATASTORE_PORTS[i]}->${PORTS[i]} " done } service_image_exists() { declare desc="check if the current image exists" declare SERVICE="$1" PLUGIN_IMAGE="${2:-$PLUGIN_IMAGE}" PLUGIN_IMAGE_VERSION="${3:-$PLUGIN_IMAGE_VERSION}" local plugin_image="$PLUGIN_IMAGE" local plugin_image_version="$PLUGIN_IMAGE_VERSION" if [[ -z "$PLUGIN_IMAGE" ]] && [[ -f "$SERVICE_ROOT/IMAGE" ]]; then plugin_image="$(cat "$SERVICE_ROOT/IMAGE")" fi if [[ -z "$PLUGIN_IMAGE_VERSION" ]] && [[ -f "$SERVICE_ROOT/IMAGE_VERSION" ]]; then plugin_image_version="$(cat "$SERVICE_ROOT/IMAGE_VERSION")" fi local IMAGE="$plugin_image:$plugin_image_version" if [[ "$("$DOCKER_BIN" image ls -q "$IMAGE" 2>/dev/null)" == "" ]]; then return 1 fi return 0 } service_info() { declare desc="retrieve information about a given service" declare SERVICE="$1" INFO_FLAG="$2" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local SERVICE_URL=$(service_url "$SERVICE") local PORT_FILE="$SERVICE_ROOT/PORT" local SERVICE_CONTAINER_ID="$(cat "$SERVICE_ROOT/ID")" local flag key valid_flags local flag_map=( "--config-dir: ${SERVICE_ROOT}/${PLUGIN_CONFIG_SUFFIX}" "--config-options: $(cat "$SERVICE_ROOT/CONFIG_OPTIONS" 2>/dev/null || true)" "--data-dir: ${SERVICE_ROOT}/data" "--dsn: ${SERVICE_URL}" "--exposed-ports: $(service_exposed_ports "$SERVICE")" "--id: ${SERVICE_CONTAINER_ID}" "--internal-ip: $(get_container_ip "${SERVICE_CONTAINER_ID}")" "--initial-network: $(fn-plugin-property-get "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "initial-network")" "--links: $(service_linked_apps "$SERVICE")" "--post-create-network: $(fn-plugin-property-get "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "post-create-network")" "--post-start-network: $(fn-plugin-property-get "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "post-start-network")" "--service-root: ${SERVICE_ROOT}" "--status: $(service_status "$SERVICE")" "--version: $(service_version "$SERVICE")" ) if [[ -z "$INFO_FLAG" ]]; then dokku_log_info2_quiet "$SERVICE $PLUGIN_COMMAND_PREFIX service information" for flag in "${flag_map[@]}"; do key="$(echo "${flag#--}" | cut -f1 -d' ' | tr - ' ')" dokku_log_verbose "$(printf "%-20s %-25s" "${key^}" "${flag#*: }")" done else local match=false for flag in "${flag_map[@]}"; do valid_flags="${valid_flags} $(echo "$flag" | cut -d':' -f1)" if [[ "$flag" == "${INFO_FLAG}:"* ]]; then echo "${flag#*: }" && match=true fi done [[ "$match" == "true" ]] || dokku_log_fail "Invalid flag passed, valid flags:${valid_flags}" fi } service_is_linked() { declare desc="link a service to an application" declare SERVICE="$1" APP="$2" update_plugin_scheme_for_app "$APP" local SERVICE_URL=$(service_url "$SERVICE") local EXISTING_CONFIG=$(config_all "$APP") local LINK=$(echo "$EXISTING_CONFIG" | grep "$SERVICE_URL" | cut -d: -f1) || true if [[ -z $LINK ]]; then dokku_log_warn "Service $SERVICE is not linked to $APP" exit 1 fi dokku_log_info1 "Service $SERVICE is linked to $APP" } service_link() { declare desc="link a service to an application" declare SERVICE="$1" APP="$2" update_plugin_scheme_for_app "$APP" local SERVICE_URL=$(service_url "$SERVICE") local SERVICE_NAME="$(get_service_name "$SERVICE")" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local EXISTING_CONFIG=$(config_all "$APP") local LINK=$(echo "$EXISTING_CONFIG" | grep "$SERVICE_URL" | cut -d: -f1) || true local SERVICE_DNS_HOSTNAME=$(service_dns_hostname "$SERVICE") local LINKS_FILE="$SERVICE_ROOT/LINKS" local ALIAS="$PLUGIN_DEFAULT_ALIAS" local DEFAULT_ALIAS if [[ -n "$SERVICE_ALIAS" ]]; then ALIAS="$SERVICE_ALIAS" ALIAS_IN_USE=$(echo "$EXISTING_CONFIG" | grep "${ALIAS}_URL") || true [[ -n "$ALIAS_IN_USE" ]] && dokku_log_fail "Specified alias $ALIAS already in use" else DEFAULT_ALIAS=$(echo "$EXISTING_CONFIG" | grep "${PLUGIN_DEFAULT_ALIAS}_URL") || true if [[ -n "$DEFAULT_ALIAS" ]]; then ALIAS=$(service_alternative_alias "$EXISTING_CONFIG") fi [[ -z "$ALIAS" ]] && dokku_log_fail "Unable to use default or generated URL alias" fi [[ -n $LINK ]] && dokku_log_fail "Already linked as $LINK" plugn trigger service-action pre-link "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "$APP" add_to_links_file "$SERVICE" "$APP" if declare -f -F add_passed_docker_option >/dev/null; then # shellcheck disable=SC2034 local passed_phases=(build deploy run) add_passed_docker_option passed_phases[@] "--link $SERVICE_NAME:$SERVICE_DNS_HOSTNAME" else dokku docker-options:add "$APP" build,deploy,run "--link $SERVICE_NAME:$SERVICE_DNS_HOSTNAME" fi [[ -n "$SERVICE_QUERYSTRING" ]] && SERVICE_URL="${SERVICE_URL}?${SERVICE_QUERYSTRING}" plugn trigger service-action post-link "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "$APP" if [[ "$DOKKU_GLOBAL_FLAGS" == *"--no-restart"* ]] || [[ "$SERVICE_RESTART_APPS" == "false" ]]; then config_set --no-restart "$APP" "${ALIAS}_URL=$SERVICE_URL" dokku_log_verbose "Skipping restart of linked app" else config_set "$APP" "${ALIAS}_URL=$SERVICE_URL" fi plugn trigger service-action post-link-complete "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "$APP" } service_linked_apps() { declare desc="list all apps linked to a service for info output" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local LINKS_FILE="$SERVICE_ROOT/LINKS" touch "$LINKS_FILE" [[ -z $(<"$LINKS_FILE") ]] && echo '-' && return 0 tr '\n' ' ' <"$LINKS_FILE" } service_links() { declare desc="list all apps linked to a service" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local LINKS_FILE="$SERVICE_ROOT/LINKS" touch "$LINKS_FILE" [[ -z $(<"$LINKS_FILE") ]] && return 0 cat "$LINKS_FILE" } service_list() { declare desc="list all services and their status" mapfile -t services < <(fn-services-list true) if [[ "${#services[@]}" -eq 0 ]] || [[ -z "$services" ]]; then dokku_log_warn "There are no $PLUGIN_SERVICE services" return fi dokku_log_info2_quiet "$PLUGIN_SERVICE services" for service in "${services[@]}"; do echo "${service}" done } service_logs() { declare desc="display logs for a service" declare SERVICE="$1" TAIL_FLAG="$2" TAIL_COUNT="$3" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local ID=$(cat "$SERVICE_ROOT/ID") local RE_INTEGER='^[0-9]+$' DOKKU_LOGS_ARGS="--tail $TAIL_COUNT" if [[ "$TAIL_FLAG" == "-t" ]] || [[ "$TAIL_FLAG" == "--tail" ]]; then DOKKU_LOGS_ARGS+=" --follow" fi "$DOCKER_BIN" container inspect "$ID" >/dev/null 2>&1 || dokku_log_fail "Service container does not exist" is_container_status "$ID" "Running" || dokku_log_warn "Service logs may not be output as service is not running" # shellcheck disable=SC2086 "$DOCKER_BIN" container logs $DOKKU_LOGS_ARGS "$ID" 2>&1 } service_parse_args() { declare desc="cli arg parser" local next_index=1 local skip=false local args=("$@") for arg in "$@"; do shift case "$arg" in "--alias") set -- "$@" "-a" ;; "--config-options") set -- "$@" "-c" ;; "--custom-env") set -- "$@" "-C" ;; "--database") set -- "$@" "-d" ;; "--image-version") set -- "$@" "-I" ;; "--initial-network") set -- "$@" "-N" ;; "--image") set -- "$@" "-i" ;; "--memory") set -- "$@" "-m" ;; "--no-restart") set -- "$@" "-n" ;; "--password") set -- "$@" "-p" ;; "--post-create-network") set -- "$@" "-P" ;; "--post-start-network") set -- "$@" "-S" ;; "--querystring") set -- "$@" "-q" ;; "--restart-apps") set -- "$@" "-R" ;; "--root-password") set -- "$@" "-r" ;; "--shm-size") set -- "$@" "-s" ;; "--user") set -- "$@" "-u" ;; *) set -- "$@" "$arg" ;; esac done OPTIND=1 while getopts "na:c:C:d:i:I:m:n:N:p:P:q:R:r:s:S:u:" opt; do case "$opt" in a) SERVICE_ALIAS="${OPTARG^^}" export SERVICE_ALIAS="${SERVICE_ALIAS%_URL}" ;; c) export PLUGIN_CONFIG_OPTIONS=$OPTARG ;; C) export SERVICE_CUSTOM_ENV=$OPTARG ;; d) export SERVICE_DATABASE=$OPTARG ;; i) export PLUGIN_IMAGE=$OPTARG ;; I) export PLUGIN_IMAGE_VERSION=$OPTARG ;; m) export SERVICE_MEMORY=$OPTARG ;; n) export SERVICE_RESTART_APPS=false ;; N) export SERVICE_INITIAL_NETWORK=$OPTARG ;; p) export SERVICE_PASSWORD=$OPTARG ;; P) export SERVICE_POST_CREATE_NETWORK=$OPTARG ;; q) export SERVICE_QUERYSTRING=${OPTARG#"?"} ;; R) export SERVICE_RESTART_APPS=$OPTARG ;; r) export SERVICE_ROOT_PASSWORD=$OPTARG ;; s) export SERVICE_SHM_SIZE=$OPTARG ;; S) export SERVICE_POST_START_NETWORK=$OPTARG ;; u) export SERVICE_USER=$OPTARG ;; esac done shift "$((OPTIND - 1))" # remove options from positional parameters } service_password() { declare desc="fetch the password for a service" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local PASSWORD_FILE="$SERVICE_ROOT/PASSWORD" if [[ -f "$PASSWORD_FILE" ]]; then cat "$PASSWORD_FILE" fi } service_root_password() { declare desc="fetch the root password for a service" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local PASSWORD_FILE="$SERVICE_ROOT/ROOTPASSWORD" if [[ -f "$PASSWORD_FILE" ]]; then cat "$PASSWORD_FILE" fi } service_port_expose() { declare desc="wrapper for exposing service ports" declare SERVICE="$1" PORTS=(${@:2}) local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local PORT_FILE="$SERVICE_ROOT/PORT" local SERVICE_NAME="$(get_service_name "$SERVICE")" local EXPOSED_NAME="$SERVICE_NAME.ambassador" if [[ ${#PORTS[@]} -eq 0 ]]; then # shellcheck disable=SC2206 PORTS=(${PORTS[@]:-$(get_random_ports ${#PLUGIN_DATASTORE_PORTS[@]})}) fi [[ "${#PORTS[@]}" != "${#PLUGIN_DATASTORE_PORTS[@]}" ]] && dokku_log_fail "${#PLUGIN_DATASTORE_PORTS[@]} ports to be exposed need to be provided in the following order: ${PLUGIN_DATASTORE_PORTS[*]}" if [[ -s "$PORT_FILE" ]]; then # shellcheck disable=SC2207 PORTS=($(cat "$PORT_FILE")) dokku_log_fail "Service $SERVICE already exposed on port(s) ${PORTS[*]}" fi if "$DOCKER_BIN" container inspect "$EXPOSED_NAME" >/dev/null 2>&1; then dokku_log_warn "Service $SERVICE has an untracked expose container, removing" "$DOCKER_BIN" container stop "$EXPOSED_NAME" >/dev/null 2>&1 || true suppress_output "$DOCKER_BIN" container rm "$EXPOSED_NAME" fi echo "${PORTS[@]}" >"$PORT_FILE" service_start "$SERVICE" "true" service_port_reconcile_status "$SERVICE" dokku_log_info1 "Service $SERVICE exposed on port(s) [container->host]: $(service_exposed_ports "$SERVICE")" } service_port_unexpose() { declare desc="wrapper for pausing exposed service ports" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local PORT_FILE="$SERVICE_ROOT/PORT" rm -rf "$PORT_FILE" service_port_reconcile_status "$SERVICE" dokku_log_info1 "Service $SERVICE unexposed" } service_port_reconcile_status() { declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local PORT_FILE="$SERVICE_ROOT/PORT" local SERVICE_NAME="$(get_service_name "$SERVICE")" local EXPOSED_NAME="$SERVICE_NAME.ambassador" if [[ ! -s "$PORT_FILE" ]]; then if "$DOCKER_BIN" container inspect "$EXPOSED_NAME" >/dev/null 2>&1; then "$DOCKER_BIN" container stop "$EXPOSED_NAME" >/dev/null 2>&1 || true suppress_output "$DOCKER_BIN" container rm "$EXPOSED_NAME" return $? fi return fi if is_container_status "$EXPOSED_NAME" "Running"; then return fi if "$DOCKER_BIN" container inspect "$EXPOSED_NAME" >/dev/null 2>&1; then suppress_output "$DOCKER_BIN" container start "$EXPOSED_NAME" return $? fi # shellcheck disable=SC2207 PORTS=($(cat "$PORT_FILE")) # shellcheck disable=SC2046 "$DOCKER_BIN" container run -d --link "$SERVICE_NAME:$PLUGIN_COMMAND_PREFIX" --name "$EXPOSED_NAME" $(docker_ports_options "${PORTS[@]}") --restart always --label dokku=ambassador --label "dokku.ambassador=$PLUGIN_COMMAND_PREFIX" "$PLUGIN_AMBASSADOR_IMAGE" >/dev/null } service_promote() { declare desc="promote a secondary service to the primary env var" declare SERVICE="$1" APP="$2" local PLUGIN_DEFAULT_CONFIG_VAR="${PLUGIN_DEFAULT_ALIAS}_URL" local EXISTING_CONFIG=$(config_all "$APP") update_plugin_scheme_for_app "$APP" local SERVICE_URL=$(service_url "$SERVICE") local CONFIG_VARS=($(echo "$EXISTING_CONFIG" | grep "$SERVICE_URL" | cut -d: -f1)) || true local PREVIOUS_DEFAULT_URL=$(get_url_from_config "$EXISTING_CONFIG" "$PLUGIN_DEFAULT_CONFIG_VAR") [[ -z ${CONFIG_VARS[*]} ]] && dokku_log_fail "Not linked to app $APP" [[ ${CONFIG_VARS[*]} =~ $PLUGIN_DEFAULT_CONFIG_VAR ]] && dokku_log_fail "Service $1 already promoted as $PLUGIN_DEFAULT_CONFIG_VAR" local NEW_CONFIG_VARS="" if [[ -n $PREVIOUS_DEFAULT_URL ]]; then local PREVIOUS_ALIAS=$(echo "$EXISTING_CONFIG" | grep "$PREVIOUS_DEFAULT_URL" | grep -v "$PLUGIN_DEFAULT_CONFIG_VAR") || true if [[ -z $PREVIOUS_ALIAS ]]; then local ALIAS=$(service_alternative_alias "$EXISTING_CONFIG") NEW_CONFIG_VARS+="${ALIAS}_URL=$PREVIOUS_DEFAULT_URL " fi fi local PROMOTE_URL=$(get_url_from_config "$EXISTING_CONFIG" "${CONFIG_VARS[0]}") NEW_CONFIG_VARS+="$PLUGIN_DEFAULT_CONFIG_VAR=$PROMOTE_URL" # shellcheck disable=SC2086 config_set "$APP" $NEW_CONFIG_VARS } service_set_alias() { declare desc="sets the alias in use for a service" declare SERVICE="$1" ALIAS="$2" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local ALIAS_FILE="$SERVICE_ROOT/ALIAS" touch "$ALIAS_FILE" echo "$ALIAS" >"$ALIAS_FILE" } service_status() { declare desc="display the status of a service" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local ID="$(cat "$SERVICE_ROOT/ID")" local CONTAINER_STATUS CONTAINER_STATUS=$("$DOCKER_BIN" container inspect -f "{{.State.Status}}" "$ID" 2>/dev/null || true) [[ -n "$CONTAINER_STATUS" ]] && echo "$CONTAINER_STATUS" && return 0 echo "missing" && return 0 } service_pause() { declare desc="pause a running service" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" local SERVICE_NAME="$(get_service_name "$SERVICE")" local ID=$("$DOCKER_BIN" container ps -aq --no-trunc --filter "name=^/$SERVICE_NAME$") || true [[ -z $ID ]] && dokku_log_warn "Service is already paused" && return 0 if [[ -n $ID ]]; then dokku_log_info2_quiet "Pausing container" "$DOCKER_BIN" container stop "$SERVICE_NAME" >/dev/null if "$DOCKER_BIN" container inspect "$ID" >/dev/null 2>&1; then "$DOCKER_BIN" container stop "$SERVICE_NAME.ambassador" >/dev/null 2>&1 || true fi dokku_log_verbose_quiet "Container paused" else dokku_log_verbose_quiet "No container exists for $SERVICE" fi } service_unlink() { declare desc="unlink an application from a service" declare SERVICE="$1" APP="$2" update_plugin_scheme_for_app "$APP" local SERVICE_URL=$(service_url "$SERVICE") local SERVICE_NAME="$(get_service_name "$SERVICE")" local EXISTING_CONFIG=$(config_all "$APP") local SERVICE_DNS_HOSTNAME=$(service_dns_hostname "$SERVICE") local LINK=($(echo "$EXISTING_CONFIG" | grep "$SERVICE_URL" | cut -d: -f1)) || true plugn trigger service-action pre-unlink "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "$APP" remove_from_links_file "$SERVICE" "$APP" if declare -f -F add_passed_docker_option >/dev/null; then # shellcheck disable=SC2034 local passed_phases=(build deploy run) remove_passed_docker_option passed_phases[@] "--link $SERVICE_NAME:$SERVICE_DNS_HOSTNAME" else dokku docker-options:remove "$APP" build,deploy,run "--link $SERVICE_NAME:$SERVICE_DNS_HOSTNAME" fi [[ -z ${LINK[*]} ]] && dokku_log_fail "Not linked to app $APP" plugn trigger service-action post-unlink "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "$APP" if [[ "$DOKKU_GLOBAL_FLAGS" == *"--no-restart"* ]] || [[ "$SERVICE_RESTART_APPS" == "false" ]]; then config_unset --no-restart "$APP" "${LINK[@]}" dokku_log_verbose "Skipping restart of linked app" else config_unset "$APP" "${LINK[@]}" fi plugn trigger service-action post-unlink-complete "$PLUGIN_COMMAND_PREFIX" "$SERVICE" "$APP" } service_version() { declare desc="display the running version for an image" declare SERVICE="$1" local SERVICE_NAME="$(get_service_name "$SERVICE")" "$DOCKER_BIN" container inspect -f '{{.Config.Image}}' "$SERVICE_NAME" 2>/dev/null || true } update_plugin_scheme_for_app() { declare desc="retrieve the updated plugin scheme" declare APP="$1" local DATABASE_SCHEME DATABASE_SCHEME=$(config_get "$APP" "${PLUGIN_VARIABLE}_DATABASE_SCHEME" || true) PLUGIN_SCHEME=${DATABASE_SCHEME:-$PLUGIN_SCHEME} } verify_service_name() { declare desc="verify that a service exists" declare SERVICE="$@" if [[ -z "$SERVICE" ]]; then dokku_log_fail "SERVICE must not be empty" fi if [[ ! -d "$PLUGIN_DATA_ROOT/$SERVICE" ]]; then dokku_log_fail "$PLUGIN_SERVICE service $SERVICE does not exist" fi SERVICE="$(auth_service_filter "$SERVICE")" if [[ -z "$SERVICE" ]]; then dokku_log_fail "$PLUGIN_SERVICE service $SERVICE does not exist" fi return 0 } write_database_name() { declare desc="write a sanitized database name" declare SERVICE="$1" local SERVICE_ROOT="$PLUGIN_DATA_ROOT/$SERVICE" # some datastores do not like special characters in database names # so we need to normalize them out echo "$SERVICE" | tr .- _ >"$SERVICE_ROOT/DATABASE_NAME" }