From 8f6a7384813b617b1f9f9113318793a818fc76b9 Mon Sep 17 00:00:00 2001 From: Noxcis Date: Sat, 24 Aug 2024 20:02:34 -0500 Subject: [PATCH] Docker 2 Stage --- Dockerfile | 34 +++++++++++++++++---------- compose.yaml | 4 ++-- docker/alpine/builder.sh | 43 ++++++++++++++++++++++++++++++++++ docker/alpine/entrypoint.sh | 15 +++++------- docker/alpine/requirements.txt | 10 ++------ docker/alpine/wgd.sh | 39 ++++++++++++++++-------------- src/wgd.sh | 22 ++++++++--------- 7 files changed, 107 insertions(+), 60 deletions(-) create mode 100644 docker/alpine/builder.sh diff --git a/Dockerfile b/Dockerfile index a517a76..04f0c6c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,25 +1,35 @@ # Pull from small Debian stable image. -FROM alpine:latest +FROM alpine:latest AS builder + LABEL maintainer="dselen@nerthus.nl" -ENV PYTHONPATH="/usr/lib/python3.12/site-packages" WORKDIR /opt/wireguarddashboard/src + RUN apk update && \ - apk add --no-cache sudo gcc musl-dev linux-headers && \ - apk add --no-cache wireguard-tools && \ - apk add --no-cache iptables ip6tables && \ - mkdir /opt/wireguarddashboard/src/master-key - + apk add --no-cache sudo gcc musl-dev rust cargo linux-headers + +COPY ./docker/alpine/builder.sh /opt/wireguarddashboard/src/ +COPY ./docker/alpine/requirements.txt /opt/wireguarddashboard/src/ +RUN chmod u+x /opt/wireguarddashboard/src/builder.sh +RUN /opt/wireguarddashboard/src/builder.sh + + +FROM alpine:latest +WORKDIR /opt/wireguarddashboard/src COPY ./src /opt/wireguarddashboard/src/ +COPY --from=builder /opt/wireguarddashboard/src/venv /opt/wireguarddashboard/src/venv +COPY --from=builder /opt/wireguarddashboard/src/log /opt/wireguarddashboard/src/log/ COPY ./docker/alpine/entrypoint.sh /opt/wireguarddashboard/src/ -#COPY ./docker/alpine/wgd.sh /opt/wireguarddashboard/src/ -#COPY ./docker/alpine/requirements.txt /opt/wireguarddashboard/src/ - -RUN chmod u+x /opt/wireguarddashboard/src/entrypoint.sh +COPY ./docker/alpine/wgd.sh /opt/wireguarddashboard/src/ -# Defining a way for Docker to check the health of the container. In this case: checking the login URL. + +RUN apk update && \ + apk add --no-cache wireguard-tools sudo && \ + apk add --no-cache iptables ip6tables && \ + chmod u+x /opt/wireguarddashboard/src/entrypoint.sh + HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:10086/signin || exit 1 ENTRYPOINT ["/opt/wireguarddashboard/src/entrypoint.sh"] \ No newline at end of file diff --git a/compose.yaml b/compose.yaml index a75ef45..7e55875 100644 --- a/compose.yaml +++ b/compose.yaml @@ -12,7 +12,7 @@ services: - wg_port=51820 volumes: - wgd_configs:/etc/wireguard - - wgd_app:/opt/wireguarddashboard/src + #- wgd_app:/opt/wireguarddashboard/src ports: - 10086:10086/tcp - 51820:51820/udp @@ -23,4 +23,4 @@ services: volumes: wgd_configs: - wgd_app: \ No newline at end of file + #wgd_app: \ No newline at end of file diff --git a/docker/alpine/builder.sh b/docker/alpine/builder.sh new file mode 100644 index 0000000..5511413 --- /dev/null +++ b/docker/alpine/builder.sh @@ -0,0 +1,43 @@ +venv_python="./venv/bin/python3" +venv_gunicorn="./venv/bin/gunicorn" +pythonExecutable="python3" + + +_check_and_set_venv(){ + VIRTUAL_ENV="./venv" + if [ ! -d $VIRTUAL_ENV ]; then + printf "[WGDashboard] Creating Python Virtual Environment under ./venv\n" + { $pythonExecutable -m venv $VIRTUAL_ENV; } >> ./log/install.txt + fi + + if ! $venv_python --version > /dev/null 2>&1 + then + printf "[WGDashboard] %s Python Virtual Environment under ./venv failed to create. Halting now.\n" "$heavy_crossmark" + kill $TOP_PID + fi + + source ${VIRTUAL_ENV}/bin/activate + +} + +build_core () { + if [ ! -d "log" ] + then + printf "[WGDashboard] Creating ./log folder\n" + mkdir "log" + fi + + + apk add --no-cache python3 net-tools python3-dev py3-virtualenv + _check_and_set_venv + printf "[WGDashboard] Upgrading Python Package Manage (PIP)\n" + { date; python3 -m pip install --upgrade pip; printf "\n\n"; } >> ./log/install.txt + printf "[WGDashboard] Building Bcrypt & Psutil\n" + { date; python3 -m pip install -r requirements.txt ; printf "\n\n"; } >> ./log/install.txt + printf "[WGDashboard] Build Successfull!\n" + printf "[WGDashboard] Clean Up Pip!\n" + { date; rm -rf /opt/wireguarddashboard/src/venv/lib/python3.12/site-packages/pip* ; printf "\n\n"; } >> ./log/install.txt + +} + +build_core diff --git a/docker/alpine/entrypoint.sh b/docker/alpine/entrypoint.sh index 6c79033..cac6fa2 100644 --- a/docker/alpine/entrypoint.sh +++ b/docker/alpine/entrypoint.sh @@ -11,9 +11,6 @@ clean_up() { echo "No remains found, continuing." fi } - - - ensure_blocking() { sleep 1s echo "Ensuring container continuation." @@ -29,13 +26,13 @@ ensure_blocking() { sleep infinity } -# Execute functions for the WireGuard Dashboard services, then set the environment variables -clean_up +{ date; clean_up; printf "\n\n"; } >> ./log/install.txt + chmod u+x /opt/wireguarddashboard/src/wgd.sh -if [ ! -f "/opt/wireguarddashboard/src/wg-dashboard.ini" ]; then - /opt/wireguarddashboard/src/wgd.sh install - -fi + + + +/opt/wireguarddashboard/src/wgd.sh install /opt/wireguarddashboard/src/wgd.sh start ensure_blocking diff --git a/docker/alpine/requirements.txt b/docker/alpine/requirements.txt index 5671fc8..074ed2f 100644 --- a/docker/alpine/requirements.txt +++ b/docker/alpine/requirements.txt @@ -1,8 +1,2 @@ -#bcrypt -ifcfg -#psutil -pyotp -Flask -flask-cors -icmplib -gunicorn \ No newline at end of file +bcrypt +psutil diff --git a/docker/alpine/wgd.sh b/docker/alpine/wgd.sh index e13aa9b..844d781 100644 --- a/docker/alpine/wgd.sh +++ b/docker/alpine/wgd.sh @@ -59,14 +59,15 @@ _check_and_set_venv(){ . ${VIRTUAL_ENV}/bin/activate } + _determineOS(){ if [ -f /etc/os-release ]; then . /etc/os-release OS=$ID elif [ -f /etc/redhat-release ]; then OS="redhat" -# elif [ -f /etc/arch-release ]; then -# OS="arch" + # elif [ -f /etc/arch-release ]; then + # OS="arch" else printf "[WGDashboard] %s Sorry, your OS is not supported. Currently the install script only support Debian-based, Red Hat-based OS." "$heavy_crossmark" printf "%s\n" "$helpMsg" @@ -88,7 +89,7 @@ _installPython(){ fi ;; alpine) - { apk update; apk add python3 net-tools py3-bcrypt py3-psutil; printf "\n\n"; } &>> ./log/install.txt + { apk update; apk add python3 net-tools ; printf "\n\n"; } &>> ./log/install.txt ;; esac @@ -129,18 +130,18 @@ _installPythonVenv(){ ubuntu|debian) { sudo apt-get update; sudo apt-get install ${pythonExecutable}-venv; } &>> ./log/install.txt ;; -# centos|fedora|redhat|rhel) -# if command -v dnf &> /dev/null; then -# { sudo dnf install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt -# else -# { sudo yum install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt -# fi -# ;; -# *) -# printf "[WGDashboard] %s Sorry, your OS is not supported. Currently the install script only support Debian-based, Red Hat-based OS.\n" "$heavy_crossmark" -# printf "%s\n" "$helpMsg" -# kill $TOP_PID -# ;; + # centos|fedora|redhat|rhel) + # if command -v dnf &> /dev/null; then + # { sudo dnf install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt + # else + # { sudo yum install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt + # fi + # ;; + # *) + # printf "[WGDashboard] %s Sorry, your OS is not supported. Currently the install script only support Debian-based, Red Hat-based OS.\n" "$heavy_crossmark" + # printf "%s\n" "$helpMsg" + # kill $TOP_PID + # ;; esac fi @@ -256,8 +257,6 @@ install_wgd(){ _installPythonVenv _installPythonPip - - if [ ! -d "db" ] then @@ -265,13 +264,17 @@ install_wgd(){ mkdir "db" fi _check_and_set_venv + printf "[WGDashboard] Upgrading Python Package Manage (PIP)\n" + { date; python3 -m ensurepip --upgrade; printf "\n\n"; } >> ./log/install.txt { date; python3 -m pip install --upgrade pip; printf "\n\n"; } >> ./log/install.txt printf "[WGDashboard] Installing latest Python dependencies\n" { date; python3 -m pip install -r requirements.txt ; printf "\n\n"; } >> ./log/install.txt printf "[WGDashboard] WGDashboard installed successfully!\n" printf "[WGDashboard] Enter ./wgd.sh start to start the dashboard\n" + #deactivate + } check_wgd_status(){ @@ -307,8 +310,8 @@ gunicorn_start () { fi _check_and_set_venv + sudo "$venv_gunicorn" --config ./gunicorn.conf.py - #sudo gunicorn -c ./gunicorn.conf.py sleep 5 checkPIDExist=0 while [ $checkPIDExist -eq 0 ] diff --git a/src/wgd.sh b/src/wgd.sh index 9076b87..f7d2de7 100755 --- a/src/wgd.sh +++ b/src/wgd.sh @@ -88,7 +88,7 @@ _installPython(){ fi ;; alpine) - { apk update; apk add python3 net-tools python3-dev; printf "\n\n"; } &>> ./log/install.txt + { apk update; apk add python3 net-tools; printf "\n\n"; } &>> ./log/install.txt ;; esac @@ -129,15 +129,15 @@ _installPythonVenv(){ ubuntu|debian) { sudo apt-get update; sudo apt-get install ${pythonExecutable}-venv; } &>> ./log/install.txt ;; -# centos|fedora|redhat|rhel) -# if command -v dnf &> /dev/null; then -# { sudo dnf install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt -# else -# { sudo yum install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt -# fi -# ;; -# *) -# printf "[WGDashboard] %s Sorry, your OS is not supported. Currently the install script only support Debian-based, Red Hat-based OS.\n" "$heavy_crossmark" + # centos|fedora|redhat|rhel) + # if command -v dnf &> /dev/null; then + # { sudo dnf install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt + # else + # { sudo yum install -y ${pythonExecutable}-virtualenv; printf "\n\n"; } >> ./log/install.txt + # fi + # ;; + # *) + # printf "[WGDashboard] %s Sorry, your OS is not supported. Currently the install script only support Debian-based, Red Hat-based OS.\n" "$heavy_crossmark" # printf "%s\n" "$helpMsg" # kill $TOP_PID # ;; @@ -432,4 +432,4 @@ if [ "$#" != 1 ]; else help fi -fi +fi \ No newline at end of file