Enabled container to run with single persistent volume

2017-05-08 13:32:18 +10:00 · 2017-05-08 13:32:18 +10:00 · ebdf923805
commit ebdf923805
parent 73b93c5879
6 changed files with 208 additions and 13 deletions
--- a/10-default.conf
+++ b/10-default.conf
@ -1,4 +1,4 @@
-<Directory /var/www/sites>
+<Directory /var/www/html>
 	AllowOverride AuthConfig FileInfo Indexes Limit Options
 	Options FollowSymLinks
 	Require all denied
--- a/11-default.conf
+++ b/11-default.conf
@ -0,0 +1,15 @@
 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
 LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
 <Directory /var/www/html/public>
 	AllowOverride FileInfo Indexes Options=Multiviews
 	Require all granted
 </Directory>
 <VirtualHost *:80>
 	DocumentRoot /var/www/html/public
 	ErrorLog /var/log/httpd/0.0.0.0-error_log
 	TransferLog /var/log/httpd/0.0.0.0-access_log
 	CustomLog logs/0.0.0.0-custom_log combined
 </VirtualHost>
--- a/20
+++ b/20
@ -35,19 +35,23 @@ RUN yum -y install --enabler remi-php70 \
 	&& yum clean all
 COPY .my.cnf /root/
-COPY 10-default.conf /etc/httpd/conf.d/
+COPY 1?-default.conf /etc/httpd/conf.d/
 COPY sshd /etc/sysconfig/sshd
 COPY sshd_config /etc/ssh/
 RUN ln -f /etc/.ln/httpd/conf.d/awstats.conf /etc/httpd/conf.d/awstats.conf && ln -f /etc/.ln/opendkim.conf /etc/opendkim.conf
-RUN useradd -c "Hosting Admin User" -m lamp -G apache
+RUN useradd -c "Hosting Admin User" -G apache -d /etc/leenooks/user -M lamp
 RUN useradd -rc "Composer" -m composer -s /sbin/nologin && su composer -s /bin/bash -lc "composer global require laravel/installer && composer require --dev --no-update xethron/migrations-generator:dev-l5 && composer require --dev --no-update way/generators:dev-feature/laravel-five-stable && composer config repositories.repo-name git git@github.com:jamisonvalenta/Laravel-4-Generators.git" 
-VOLUME [ "/etc/ssh" ]
+EXPOSE 22 80
-EXPOSE 80 443
+COPY init /sbin/
 # Starting
 ENTRYPOINT [ "/sbin/init" ]
 LABEL cron.hourly root:/usr/sbin/awstats.sh
 LABEL cron.daily root:/usr/bin/tdp.mysql.sh -s information_schema:performance_schema
-# Starting
+#VOLUME [ "/etc/leenooks","/var/lib/mysql","/var/www/html" ]
-COPY init /sbin/
+VOLUME [ "/etc/leenooks" ]
-ENTRYPOINT [ "/sbin/init" ]
+RUN rmdir /var/lib/mysql; ln -sf /etc/leenooks/database /var/lib/mysql; mv /var/www/html /var/www/html.old; ln -sf /etc/leenooks/html /var/www/html; ln -sf /etc/leenooks/tsm/dsm.sys /opt/tivoli/tsm/client/api/bin64/dsm.sys; ln -sf /etc/leenooks/tsm/dsm.opt /opt/tivoli/tsm/client/api/bin64/dsm.opt;
 CMD [ "start" ]
--- a/9
+++ b/9
@ -25,7 +25,7 @@ function firststart {
 trap 'stop' SIGTERM
-if [ "$1" == "start" ]; then
+if [ -z "$1" ]; then
 	if [ "$NO_MAIL" != "TRUE" ]; then
 		if [ -z `hostname --domain` ]; then
 			echo "You must start this container with --hostname= specifying a domain name"
@ -44,6 +44,7 @@ if [ "$1" == "start" ]; then
 	if [ "$NO_SSH" != "TRUE" ]; then
 		echo "Starting SSHD..."
 		[ ! -d /etc/leenooks/ssh ] && mkdir /etc/leenooks/ssh && chmod 750 /etc/leenoks/ssh
 		getent passwd lamp || useradd -c "Hosting Admin User" -m lamp
 		[ -x /usr/sbin/sshd-keygen ] && /usr/sbin/sshd-keygen
 		[ -x /usr/sbin/sshd ] && /usr/sbin/sshd -D &
@ -62,11 +63,11 @@ if [ "$1" == "start" ]; then
 	if [ "$NO_HTTP" != "TRUE" ]; then
 		if [ -d /etc/awstats ]; then
 			find /etc/awstats/ -type l | xargs -n 5 rm -f
-			[ -e /var/www/sites/*/awstats/awstats*conf ] && find /var/www/sites/*/awstats/awstats*conf -type f -exec ln -sf {} /etc/awstats/ \;
+			[ -e /etc/leenooks/awstats/awstats*conf ] && find /etc/leenooks/awstats/awstats*conf -type f -exec ln -sf {} /etc/awstats/ \;
 		fi
 		echo "Starting HTTP..."
 		find /etc/httpd/conf.d/ -type l | xargs -n 5 rm -f
-		find /etc/httpd/sites.d -type f -exec ln -sf {} /etc/httpd/conf.d/ \;
+		[ -d /etc/leenooks/httpd ] && find /etc/leenooks/httpd -type f -exec ln -sf {} /etc/httpd/conf.d/ \;
 		[ -x /usr/sbin/httpd ] && /usr/sbin/httpd -DFOREGROUND &
 	else
 		echo "! NOT starting HTTP"
@ -74,7 +75,7 @@ if [ "$1" == "start" ]; then
 	firststart
 	wait
 else
 	firststart
 	exec $@
 fi
--- a/22
+++ b/22
@ -0,0 +1,22 @@
 # Configuration file for the sshd service.
 # The server keys are automatically generated if they are missing.
 # To change the automatic creation uncomment and change the appropriate
 # line. Accepted key types are: DSA RSA ECDSA ED25519.
 # The default is "RSA ECDSA ED25519"
 # AUTOCREATE_SERVER_KEYS=""
 # AUTOCREATE_SERVER_KEYS="RSA ECDSA ED25519"
 # Do not change this option unless you have hardware random
 # generator and you REALLY know what you are doing
 SSH_USE_STRONG_RNG=0
 # SSH_USE_STRONG_RNG=1
 # Override Defaults
 RSA1_KEY=/etc/leenooks/ssh/ssh_host_key
 RSA_KEY=/etc/leenooks/ssh/ssh_host_rsa_key
 DSA_KEY=/etc/leenooks/ssh/ssh_host_dsa_key
 ECDSA_KEY=/etc/leenooks/ssh/ssh_host_ecdsa_key
 ED25519_KEY=/etc/leenooks/ssh/ssh_host_ed25519_key
--- a/153
+++ b/153
@ -0,0 +1,153 @@
 #	$OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
 # This sshd was compiled with PATH=/usr/local/bin:/usr/bin
 # The strategy used for options in the default sshd_config shipped with
 # OpenSSH is to specify options with their default value where
 # possible, but leave them commented.  Uncommented options override the
 # default value.
 # If you want to change the port on a SELinux system, you have to tell
 # SELinux about this change.
 # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
 #
 #Port 22
 #AddressFamily any
 #ListenAddress 0.0.0.0
 #ListenAddress ::
 # The default requires explicit activation of protocol 1
 #Protocol 2
 # HostKey for protocol version 1
 #HostKey /etc/ssh/ssh_host_key
 # HostKeys for protocol version 2
 HostKey /etc/leenooks/ssh/ssh_host_rsa_key
 #HostKey /etc/ssh/ssh_host_dsa_key
 HostKey /etc/leenooks/ssh/ssh_host_ecdsa_key
 HostKey /etc/leenooks/ssh/ssh_host_ed25519_key
 # Lifetime and size of ephemeral version 1 server key
 #KeyRegenerationInterval 1h
 #ServerKeyBits 1024
 # Ciphers and keying
 #RekeyLimit default none
 # Logging
 # obsoletes QuietMode and FascistLogging
 #SyslogFacility AUTH
 SyslogFacility AUTHPRIV
 #LogLevel INFO
 # Authentication:
 #LoginGraceTime 2m
 #PermitRootLogin yes
 #StrictModes yes
 #MaxAuthTries 6
 #MaxSessions 10
 #RSAAuthentication yes
 #PubkeyAuthentication yes
 # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
 # but this is overridden so installations will only check .ssh/authorized_keys
 AuthorizedKeysFile	.ssh/authorized_keys
 #AuthorizedPrincipalsFile none
 #AuthorizedKeysCommand none
 #AuthorizedKeysCommandUser nobody
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
 #RhostsRSAAuthentication no
 # similar for protocol version 2
 #HostbasedAuthentication no
 # Change to yes if you don't trust ~/.ssh/known_hosts for
 # RhostsRSAAuthentication and HostbasedAuthentication
 #IgnoreUserKnownHosts no
 # Don't read the user's ~/.rhosts and ~/.shosts files
 #IgnoreRhosts yes
 # To disable tunneled clear text passwords, change to no here!
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
 PasswordAuthentication yes
 # Change to no to disable s/key passwords
 #ChallengeResponseAuthentication yes
 ChallengeResponseAuthentication no
 # Kerberos options
 #KerberosAuthentication no
 #KerberosOrLocalPasswd yes
 #KerberosTicketCleanup yes
 #KerberosGetAFSToken no
 #KerberosUseKuserok yes
 # GSSAPI options
 GSSAPIAuthentication yes
 GSSAPICleanupCredentials no
 #GSSAPIStrictAcceptorCheck yes
 #GSSAPIKeyExchange no
 #GSSAPIEnablek5users no
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
 # be allowed through the ChallengeResponseAuthentication and
 # PasswordAuthentication.  Depending on your PAM configuration,
 # PAM authentication via ChallengeResponseAuthentication may bypass
 # the setting of "PermitRootLogin without-password".
 # If you just want the PAM account and session checks to run without
 # PAM authentication, then enable this but set PasswordAuthentication
 # and ChallengeResponseAuthentication to 'no'.
 # WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several
 # problems.
 UsePAM yes
 #AllowAgentForwarding yes
 #AllowTcpForwarding yes
 #GatewayPorts no
 X11Forwarding yes
 #X11DisplayOffset 10
 #X11UseLocalhost yes
 #PermitTTY yes
 #PrintMotd yes
 #PrintLastLog yes
 #TCPKeepAlive yes
 #UseLogin no
 UsePrivilegeSeparation sandbox		# Default for new installations.
 #PermitUserEnvironment no
 #Compression delayed
 #ClientAliveInterval 0
 #ClientAliveCountMax 3
 #ShowPatchLevel no
 #UseDNS yes
 #PidFile /var/run/sshd.pid
 #MaxStartups 10:30:100
 #PermitTunnel no
 #ChrootDirectory none
 #VersionAddendum none
 # no default banner path
 #Banner none
 # Accept locale-related environment variables
 AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
 AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
 AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
 AcceptEnv XMODIFIERS
 # override default of no subsystems
 Subsystem	sftp	/usr/libexec/openssh/sftp-server
 # Example of overriding settings on a per-user basis
 #Match User anoncvs
 #	X11Forwarding no
 #	AllowTcpForwarding no
 #	PermitTTY no
 #	ForceCommand cvs server