Bitnami/containers
2
0
Fork 0
mirror of https://github.com/bitnami/containers.git synced 2026-03-07 18:17:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'drupal-nginx/master' into main

Browse Source
This commit is contained in:
Miguel A. Cabrera Minagorri
2022-04-08 17:36:33 +02:00
parent c08e70929a 00b77b3a22
commit c9595313ac
72 changed files with 7312 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
bitnami/drupal-nginx/.github/ISSUE_TEMPLATE/bug_report.yml vendored Normal file
View File

@@ -0,0 +1,41 @@
name: 🐞 Bug
description: Create a report to help us improve
body:
- type: markdown
attributes:
value: |
Thank you for reporting an issue. Before you open the bug report please review the README file present in the root of this repository.
Please fill in as much of the following form as you're able.
- type: input
attributes:
label: Name and Version
description: Name and version of the affected container image
placeholder: bitnami/wordpress:1.2.3
validations:
required: true
- type: textarea
attributes:
label: What steps will reproduce the bug?
description: Enter details about your bug.
placeholder: |
1. In this environment...
2. With this config...
3. Run '...'
4. See error...
validations:
required: true
- type: textarea
attributes:
label: What is the expected behavior?
description: If possible please provide textual output instead of screenshots.
- type: textarea
attributes:
label: What do you see instead?
description: If possible please provide textual output instead of screenshots.
validations:
required: true
- type: textarea
attributes:
label: Additional information
description: Tell us anything else you think we should know.

1
bitnami/drupal-nginx/.github/ISSUE_TEMPLATE/config.yml vendored Normal file
View File

@@ -0,0 +1 @@
blank_issues_enabled: false

29
bitnami/drupal-nginx/.github/ISSUE_TEMPLATE/feature_request.yml vendored Normal file
View File

@@ -0,0 +1,29 @@
name: "\U0001F680 Feature request"
description: Suggest an idea for this project
body:
- type: markdown
attributes:
value: |
Thank you for suggesting an idea to improve this Bitnami container image.
Please fill in as much of the following form as you're able.
- type: input
attributes:
label: Name and Version
description: Name and version of the affected container image
placeholder: bitnami/wordpress:1.2.3
validations:
required: true
- type: textarea
attributes:
label: What is the problem this feature will solve?
validations:
required: true
- type: textarea
attributes:
label: What is the feature you are proposing to solve the problem?
description: Describe the requests. If you already have something in mind... PRs are welcome!
validations:
required: true
- type: textarea
attributes:
label: What alternatives have you considered?

32
bitnami/drupal-nginx/.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@@ -0,0 +1,32 @@
<!--
Before you open the request please review the following guidelines and tips to help it be more easily integrated:
- Describe the scope of your change - i.e. what the change does.
- Describe any known limitations with your change.
- Please run any tests or examples that can exercise your modified code.
Thank you for contributing! We will try to test and integrate the change as soon as we can, but be aware we have many GitHub repositories to manage and can't immediately respond to every request. There is no need to bump or check in on a pull request (it will clutter the discussion of the request).
Also don't be worried if the request is closed or not integrated sometimes the priorities of Bitnami might not match the priorities of the pull request. Don't fret, the open source community thrives on forks and GitHub makes it easy to keep your changes in a forked repo.
-->
**Description of the change**
<!-- Describe the scope of your change - i.e. what the change does. -->
**Benefits**
<!-- What benefits will be realized by the code change? -->
**Possible drawbacks**
<!-- Describe any known limitations with your change -->
**Applicable issues**
<!-- Enter any applicable Issues here (You can reference an issue using #) -->
**Additional information**
<!-- If there's anything else that's important and relevant to your pull
request, mention that information here.-->

20
bitnami/drupal-nginx/.github/workflows/stale.yml vendored Normal file
View File

@@ -0,0 +1,20 @@
name: 'Close stale issues and PRs'
on:
schedule:
- cron: '0 1 * * *'
jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v3
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
stale-issue-message: 'This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.'
stale-pr-message: 'This Pull Request has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thank you for your contribution.'
close-issue-message: 'Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.'
close-pr-message: 'Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Pull Request. Do not hesitate to reopen it later if necessary.'
days-before-stale: 15
days-before-close: 5
exempt-issue-labels: 'on-hold'
exempt-pr-labels: 'on-hold'

38
bitnami/drupal-nginx/9/debian-10/Dockerfile Normal file
View File

@@ -0,0 +1,38 @@
FROM docker.io/bitnami/minideb:buster
LABEL maintainer "Bitnami <containers@bitnami.com>"
ENV HOME="/" \
OS_ARCH="amd64" \
OS_FLAVOUR="debian-10" \
OS_NAME="linux"
COPY prebuildfs /
# Install required system packages and dependencies
RUN install_packages acl ca-certificates curl dirmngr gnupg gzip libaudit1 libbsd0 libbz2-1.0 libc6 libcap-ng0 libcom-err2 libcurl4 libexpat1 libffi6 libfftw3-double3 libfontconfig1 libfreetype6 libgcc1 libgcrypt20 libgeoip1 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed4 libicu63 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmemcached11 libmemcachedutil2 libncurses6 libnettle6 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre3 libpng16-16 libpq5 libpsl5 libreadline7 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 procps tar unzip zlib1g
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "php" "8.1.4-9" --checksum 3df7b2bd7159f9627fbc2dc1ae5ea9464306c983edc53e4207fa3cc0e05755ea
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "nginx" "1.21.6-4" --checksum 305f5b0413081f7911932bc7144c478858444e16e7ef917123f50455a490c427
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "mysql-client" "10.6.7-4" --checksum 14329a8ec0a649ecb9ffb37085a547183748efedea8ed029801ab9b381ab7173
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "render-template" "1.0.1-10" --checksum 97c2ae4b001c5937e888b920bee7b1a40a076680caac53ded6d10f6207d54565
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "gosu" "1.14.0-7" --checksum d6280b6f647a62bf6edc74dc8e526bfff63ddd8067dcb8540843f47203d9ccf1
RUN . /opt/bitnami/scripts/libcomponent.sh && component_unpack "drupal" "9.3.9-0" --checksum 4fe12a0904c646d12e28a7b1bfc345c2e9dfcd2a9d769cb342996d377e7ed351
RUN apt-get update && apt-get upgrade -y && \
rm -r /var/lib/apt/lists /var/cache/apt/archives
RUN chmod g+rwX /opt/bitnami
COPY rootfs /
RUN /opt/bitnami/scripts/php/postunpack.sh
RUN /opt/bitnami/scripts/nginx/postunpack.sh
RUN /opt/bitnami/scripts/nginx-php-fpm/postunpack.sh
RUN /opt/bitnami/scripts/drupal/postunpack.sh
RUN /opt/bitnami/scripts/mysql-client/postunpack.sh
ENV APP_VERSION="9.3.9" \
BITNAMI_APP_NAME="drupal-nginx" \
NGINX_HTTPS_PORT_NUMBER="" \
NGINX_HTTP_PORT_NUMBER="" \
PATH="/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/nginx/sbin:/opt/bitnami/mysql/bin:/opt/bitnami/common/bin:/opt/bitnami/drupal/vendor/bin:$PATH"
EXPOSE 8080 8443
USER 1001
ENTRYPOINT [ "/opt/bitnami/scripts/drupal/entrypoint.sh" ]
CMD [ "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]

32
bitnami/drupal-nginx/9/debian-10/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
version: '2'
services:
mariadb:
image: docker.io/bitnami/mariadb:10.6
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- MARIADB_USER=bn_drupal
- MARIADB_DATABASE=bitnami_drupal
volumes:
- 'mariadb_data:/bitnami/mariadb'
drupal:
image: docker.io/bitnami/drupal-nginx:9
ports:
- '80:8080'
- '443:8443'
environment:
- DRUPAL_DATABASE_HOST=mariadb
- DRUPAL_DATABASE_PORT_NUMBER=3306
- DRUPAL_DATABASE_USER=bn_drupal
- DRUPAL_DATABASE_NAME=bitnami_drupal
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
volumes:
- 'drupal_data:/bitnami/drupal'
depends_on:
- mariadb
volumes:
mariadb_data:
driver: local
drupal_data:
driver: local

44
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/.bitnami_components.json Normal file
View File

@@ -0,0 +1,44 @@
{
"drupal": {
"arch": "amd64",
"digest": "4fe12a0904c646d12e28a7b1bfc345c2e9dfcd2a9d769cb342996d377e7ed351",
"distro": "debian-10",
"type": "NAMI",
"version": "9.3.9-0"
},
"gosu": {
"arch": "amd64",
"digest": "d6280b6f647a62bf6edc74dc8e526bfff63ddd8067dcb8540843f47203d9ccf1",
"distro": "debian-10",
"type": "NAMI",
"version": "1.14.0-7"
},
"mysql-client": {
"arch": "amd64",
"digest": "14329a8ec0a649ecb9ffb37085a547183748efedea8ed029801ab9b381ab7173",
"distro": "debian-10",
"type": "NAMI",
"version": "10.6.7-4"
},
"nginx": {
"arch": "amd64",
"digest": "305f5b0413081f7911932bc7144c478858444e16e7ef917123f50455a490c427",
"distro": "debian-10",
"type": "NAMI",
"version": "1.21.6-4"
},
"php": {
"arch": "amd64",
"digest": "3df7b2bd7159f9627fbc2dc1ae5ea9464306c983edc53e4207fa3cc0e05755ea",
"distro": "debian-10",
"type": "NAMI",
"version": "8.1.4-9"
},
"render-template": {
"arch": "amd64",
"digest": "97c2ae4b001c5937e888b920bee7b1a40a076680caac53ded6d10f6207d54565",
"distro": "debian-10",
"type": "NAMI",
"version": "1.0.1-10"
}
}

3
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/licenses/licenses.txt Normal file
View File

@@ -0,0 +1,3 @@
Bitnami containers ship with software bundles. You can find the licenses under:
/opt/bitnami/nami/COPYING
/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt

51
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libbitnami.sh Normal file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
#
# Bitnami custom library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Constants
BOLD='\033[1m'
# Functions
########################
# Print the welcome page
# Globals:
# DISABLE_WELCOME_MESSAGE
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_welcome_page() {
if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then
if [[ -n "$BITNAMI_APP_NAME" ]]; then
print_image_welcome_page
fi
fi
}
########################
# Print the welcome page for a Bitnami Docker image
# Globals:
# BITNAMI_APP_NAME
# Arguments:
# None
# Returns:
# None
#########################
print_image_welcome_page() {
local github_url="https://github.com/bitnami/bitnami-docker-${BITNAMI_APP_NAME}"
log ""
log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}"
log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}"
log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}"
log ""
}

65
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libcomponent.sh Normal file
View File

@@ -0,0 +1,65 @@
#!/bin/bash
#
# Library for managing Bitnami components
# Constants
CACHE_ROOT="/tmp/bitnami/pkg/cache"
DOWNLOAD_URL="https://downloads.bitnami.com/files/stacksmith"
# Functions
########################
# Download and unpack a Bitnami package
# Globals:
# OS_NAME
# OS_ARCH
# OS_FLAVOUR
# Arguments:
# $1 - component's name
# $2 - component's version
# Returns:
# None
#########################
component_unpack() {
local name="${1:?name is required}"
local version="${2:?version is required}"
local base_name="${name}-${version}-${OS_NAME}-${OS_ARCH}-${OS_FLAVOUR}"
local package_sha256=""
local directory="/opt/bitnami"
# Validate arguments
shift 2
while [ "$#" -gt 0 ]; do
case "$1" in
-c|--checksum)
shift
package_sha256="${1:?missing package checksum}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
echo "Downloading $base_name package"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz" ]; then
echo "${CACHE_ROOT}/${base_name}.tar.gz already exists, skipping download."
cp "${CACHE_ROOT}/${base_name}.tar.gz" .
rm "${CACHE_ROOT}/${base_name}.tar.gz"
if [ -f "${CACHE_ROOT}/${base_name}.tar.gz.sha256" ]; then
echo "Using the local sha256 from ${CACHE_ROOT}/${base_name}.tar.gz.sha256"
package_sha256="$(< "${CACHE_ROOT}/${base_name}.tar.gz.sha256")"
rm "${CACHE_ROOT}/${base_name}.tar.gz.sha256"
fi
else
curl --remote-name --silent --show-error --fail "${DOWNLOAD_URL}/${base_name}.tar.gz"
fi
if [ -n "$package_sha256" ]; then
echo "Verifying package integrity"
echo "$package_sha256 ${base_name}.tar.gz" | sha256sum --check - || exit "$?"
fi
tar --directory "${directory}" --extract --gunzip --file "${base_name}.tar.gz" --no-same-owner --strip-components=2
rm "${base_name}.tar.gz"
}

139
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libfile.sh Normal file
View File

@@ -0,0 +1,139 @@
#!/bin/bash
#
# Library for managing files
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libos.sh
# Functions
########################
# Replace a regex-matching string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# $4 - use POSIX regex. Default: true
# Returns:
# None
#########################
replace_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local posix_regex=${4:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
if [[ $posix_regex = true ]]; then
result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
else
result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Replace a regex-matching multiline string in a file
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - substitute regex
# Returns:
# None
#########################
replace_in_file_multiline() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local substitute_regex="${3:?substitute regex is required}"
local result
local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues
result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")"
echo "$result" > "$filename"
}
########################
# Remove a line in a file based on a regex
# Arguments:
# $1 - filename
# $2 - match regex
# $3 - use POSIX regex. Default: true
# Returns:
# None
#########################
remove_in_file() {
local filename="${1:?filename is required}"
local match_regex="${2:?match regex is required}"
local posix_regex=${3:-true}
local result
# We should avoid using 'sed in-place' substitutions
# 1) They are not compatible with files mounted from ConfigMap(s)
# 2) We found incompatibility issues with Debian10 and "in-place" substitutions
if [[ $posix_regex = true ]]; then
result="$(sed -E "/$match_regex/d" "$filename")"
else
result="$(sed "/$match_regex/d" "$filename")"
fi
echo "$result" > "$filename"
}
########################
# Appends text after the last line matching a pattern
# Arguments:
# $1 - file
# $2 - match regex
# $3 - contents to add
# Returns:
# None
#########################
append_file_after_last_match() {
local file="${1:?missing file}"
local match_regex="${2:?missing pattern}"
local value="${3:?missing value}"
# We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again
result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)"
echo "$result" > "$file"
}
########################
# Wait until certain entry is present in a log file
# Arguments:
# $1 - entry to look for
# $2 - log file
# $3 - max retries. Default: 12
# $4 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
wait_for_log_entry() {
local -r entry="${1:-missing entry}"
local -r log_file="${2:-missing log file}"
local -r retries="${3:-12}"
local -r interval_time="${4:-5}"
local attempt=0
check_log_file_for_entry() {
if ! grep -qE "$entry" "$log_file"; then
debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})"
return 1
fi
}
debug "Checking that ${log_file} log file contains entry \"${entry}\""
if retry_while check_log_file_for_entry "$retries" "$interval_time"; then
debug "Found entry \"${entry}\" in ${log_file}"
true
else
error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries"
debug_execute cat "$log_file"
return 1
fi
}

190
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libfs.sh Normal file
View File

@@ -0,0 +1,190 @@
#!/bin/bash
#
# Library for file system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Ensure a file/directory is owned (user and group) but the given user
# Arguments:
# $1 - filepath
# $2 - owner
# Returns:
# None
#########################
owned_by() {
local path="${1:?path is missing}"
local owner="${2:?owner is missing}"
local group="${3:-}"
if [[ -n $group ]]; then
chown "$owner":"$group" "$path"
else
chown "$owner":"$owner" "$path"
fi
}
########################
# Ensure a directory exists and, optionally, is owned by the given user
# Arguments:
# $1 - directory
# $2 - owner
# Returns:
# None
#########################
ensure_dir_exists() {
local dir="${1:?directory is missing}"
local owner_user="${2:-}"
local owner_group="${3:-}"
mkdir -p "${dir}"
if [[ -n $owner_user ]]; then
owned_by "$dir" "$owner_user" "$owner_group"
fi
}
########################
# Checks whether a directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_dir_empty() {
local -r path="${1:?missing directory}"
# Calculate real path in order to avoid issues with symlinks
local -r dir="$(realpath "$path")"
if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then
true
else
false
fi
}
########################
# Checks whether a mounted directory is empty or not
# arguments:
# $1 - directory
# returns:
# boolean
#########################
is_mounted_dir_empty() {
local dir="${1:?missing directory}"
if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then
true
else
false
fi
}
########################
# Checks whether a file can be written to or not
# arguments:
# $1 - file
# returns:
# boolean
#########################
is_file_writable() {
local file="${1:?missing file}"
local dir
dir="$(dirname "$file")"
if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then
true
else
false
fi
}
########################
# Relativize a path
# arguments:
# $1 - path
# $2 - base
# returns:
# None
#########################
relativize() {
local -r path="${1:?missing path}"
local -r base="${2:?missing base}"
pushd "$base" >/dev/null || exit
realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||'
popd >/dev/null || exit
}
########################
# Configure permisions and ownership recursively
# Globals:
# None
# Arguments:
# $1 - paths (as a string).
# Flags:
# -f|--file-mode - mode for directories.
# -d|--dir-mode - mode for files.
# -u|--user - user
# -g|--group - group
# Returns:
# None
#########################
configure_permissions_ownership() {
local -r paths="${1:?paths is missing}"
local dir_mode=""
local file_mode=""
local user=""
local group=""
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-f | --file-mode)
shift
file_mode="${1:?missing mode for files}"
;;
-d | --dir-mode)
shift
dir_mode="${1:?missing mode for directories}"
;;
-u | --user)
shift
user="${1:?missing user}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a filepaths <<<"$paths"
for p in "${filepaths[@]}"; do
if [[ -e "$p" ]]; then
if [[ -n $dir_mode ]]; then
find -L "$p" -type d -exec chmod "$dir_mode" {} \;
fi
if [[ -n $file_mode ]]; then
find -L "$p" -type f -exec chmod "$file_mode" {} \;
fi
if [[ -n $user ]] && [[ -n $group ]]; then
chown -LR "$user":"$group" "$p"
elif [[ -n $user ]] && [[ -z $group ]]; then
chown -LR "$user" "$p"
elif [[ -z $user ]] && [[ -n $group ]]; then
chgrp -LR "$group" "$p"
fi
else
stderr_print "$p does not exist"
fi
done
}

16
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libhook.sh Normal file
View File

@@ -0,0 +1,16 @@
#!/bin/bash
#
# Library to use for scripts expected to be used as Kubernetes lifecycle hooks
# shellcheck disable=SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
# Override functions that log to stdout/stderr of the current process, so they print to process 1
for function_to_override in stderr_print debug_execute; do
# Output is sent to output of process 1 and thus end up in the container log
# The hook output in general isn't saved
eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2"
done

112
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/liblog.sh Normal file
View File

@@ -0,0 +1,112 @@
#!/bin/bash
#
# Library for logging functions
# Constants
RESET='\033[0m'
RED='\033[38;5;1m'
GREEN='\033[38;5;2m'
YELLOW='\033[38;5;3m'
MAGENTA='\033[38;5;5m'
CYAN='\033[38;5;6m'
# Functions
########################
# Print to STDERR
# Arguments:
# Message to print
# Returns:
# None
#########################
stderr_print() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_QUIET:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
printf "%b\\n" "${*}" >&2
fi
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
log() {
stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}"
}
########################
# Log an 'info' message
# Arguments:
# Message to log
# Returns:
# None
#########################
info() {
log "${GREEN}INFO ${RESET} ==> ${*}"
}
########################
# Log message
# Arguments:
# Message to log
# Returns:
# None
#########################
warn() {
log "${YELLOW}WARN ${RESET} ==> ${*}"
}
########################
# Log an 'error' message
# Arguments:
# Message to log
# Returns:
# None
#########################
error() {
log "${RED}ERROR${RESET} ==> ${*}"
}
########################
# Log a 'debug' message
# Globals:
# BITNAMI_DEBUG
# Arguments:
# None
# Returns:
# None
#########################
debug() {
# 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it
local bool="${BITNAMI_DEBUG:-false}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
log "${MAGENTA}DEBUG${RESET} ==> ${*}"
fi
}
########################
# Indent a string
# Arguments:
# $1 - string
# $2 - number of indentation characters (default: 4)
# $3 - indentation character (default: " ")
# Returns:
# None
#########################
indent() {
local string="${1:-}"
local num="${2:?missing num}"
local char="${3:-" "}"
# Build the indentation unit string
local indent_unit=""
for ((i = 0; i < num; i++)); do
indent_unit="${indent_unit}${char}"
done
# shellcheck disable=SC2001
# Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions
echo "$string" | sed "s/^/${indent_unit}/"
}

163
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libnet.sh Normal file
View File

@@ -0,0 +1,163 @@
#!/bin/bash
#
# Library for network functions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Resolve IP address for a host/domain (i.e. DNS lookup)
# Arguments:
# $1 - Hostname to resolve
# $2 - IP address version (v4, v6), leave empty for resolving to any version
# Returns:
# IP
#########################
dns_lookup() {
local host="${1:?host is missing}"
local ip_version="${2:-}"
getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1
}
#########################
# Wait for a hostname and return the IP
# Arguments:
# $1 - hostname
# $2 - number of retries
# $3 - seconds to wait between retries
# Returns:
# - IP address that corresponds to the hostname
#########################
wait_for_dns_lookup() {
local hostname="${1:?hostname is missing}"
local retries="${2:-5}"
local seconds="${3:-1}"
check_host() {
if [[ $(dns_lookup "$hostname") == "" ]]; then
false
else
true
fi
}
# Wait for the host to be ready
retry_while "check_host ${hostname}" "$retries" "$seconds"
dns_lookup "$hostname"
}
########################
# Get machine's IP
# Arguments:
# None
# Returns:
# Machine IP
#########################
get_machine_ip() {
local -a ip_addresses
local hostname
hostname="$(hostname)"
read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)"
if [[ "${#ip_addresses[@]}" -gt 1 ]]; then
warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}"
elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then
error "Could not find any IP address associated to hostname ${hostname}"
exit 1
fi
echo "${ip_addresses[0]}"
}
########################
# Check if the provided argument is a resolved hostname
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_hostname_resolved() {
local -r host="${1:?missing value}"
if [[ -n "$(dns_lookup "$host")" ]]; then
true
else
false
fi
}
########################
# Parse URL
# Globals:
# None
# Arguments:
# $1 - uri - String
# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String
# Returns:
# String
parse_uri() {
local uri="${1:?uri is missing}"
local component="${2:?component is missing}"
# Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with
# additional sub-expressions to split authority into userinfo, host and port
# Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969)
local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?'
# || | ||| | | | | | | | | |
# |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment
# 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #...
# | 4 authority
# 3 //...
local index=0
case "$component" in
scheme)
index=2
;;
authority)
index=4
;;
userinfo)
index=6
;;
host)
index=7
;;
port)
index=9
;;
path)
index=10
;;
query)
index=13
;;
fragment)
index=14
;;
*)
stderr_print "unrecognized component $component"
return 1
;;
esac
[[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}"
}
########################
# Wait for a HTTP connection to succeed
# Globals:
# *
# Arguments:
# $1 - URL to wait for
# $2 - Maximum amount of retries (optional)
# $3 - Time between retries (optional)
# Returns:
# true if the HTTP connection succeeded, false otherwise
#########################
wait_for_http_connection() {
local url="${1:?missing url}"
local retries="${2:-}"
local sleep_time="${3:-}"
if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then
error "Could not connect to ${url}"
return 1
fi
}

466
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh Normal file
View File

@@ -0,0 +1,466 @@
#!/bin/bash
#
# Library for operating system actions
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libvalidations.sh
# Functions
########################
# Check if an user exists in the system
# Arguments:
# $1 - user
# Returns:
# Boolean
#########################
user_exists() {
local user="${1:?user is missing}"
id "$user" >/dev/null 2>&1
}
########################
# Check if a group exists in the system
# Arguments:
# $1 - group
# Returns:
# Boolean
#########################
group_exists() {
local group="${1:?group is missing}"
getent group "$group" >/dev/null 2>&1
}
########################
# Create a group in the system if it does not exist already
# Arguments:
# $1 - group
# Flags:
# -i|--gid - the ID for the new group
# -s|--system - Whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_group_exists() {
local group="${1:?group is missing}"
local gid=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --gid)
shift
gid="${1:?missing gid}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! group_exists "$group"; then
local -a args=("$group")
if [[ -n "$gid" ]]; then
if group_exists "$gid"; then
error "The GID $gid is already in use." >&2
return 1
fi
args+=("--gid" "$gid")
fi
$is_system_user && args+=("--system")
groupadd "${args[@]}" >/dev/null 2>&1
fi
}
########################
# Create an user in the system if it does not exist already
# Arguments:
# $1 - user
# Flags:
# -i|--uid - the ID for the new user
# -g|--group - the group the new user should belong to
# -a|--append-groups - comma-separated list of supplemental groups to append to the new user
# -h|--home - the home directory for the new user
# -s|--system - whether to create new user as system user (uid <= 999)
# Returns:
# None
#########################
ensure_user_exists() {
local user="${1:?user is missing}"
local uid=""
local group=""
local append_groups=""
local home=""
local is_system_user=false
# Validate arguments
shift 1
while [ "$#" -gt 0 ]; do
case "$1" in
-i | --uid)
shift
uid="${1:?missing uid}"
;;
-g | --group)
shift
group="${1:?missing group}"
;;
-a | --append-groups)
shift
append_groups="${1:?missing append_groups}"
;;
-h | --home)
shift
home="${1:?missing home directory}"
;;
-s | --system)
is_system_user=true
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if ! user_exists "$user"; then
local -a user_args=("-N" "$user")
if [[ -n "$uid" ]]; then
if user_exists "$uid"; then
error "The UID $uid is already in use."
return 1
fi
user_args+=("--uid" "$uid")
else
$is_system_user && user_args+=("--system")
fi
useradd "${user_args[@]}" >/dev/null 2>&1
fi
if [[ -n "$group" ]]; then
local -a group_args=("$group")
$is_system_user && group_args+=("--system")
ensure_group_exists "${group_args[@]}"
usermod -g "$group" "$user" >/dev/null 2>&1
fi
if [[ -n "$append_groups" ]]; then
local -a groups
read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")"
for group in "${groups[@]}"; do
ensure_group_exists "$group"
usermod -aG "$group" "$user" >/dev/null 2>&1
done
fi
if [[ -n "$home" ]]; then
mkdir -p "$home"
usermod -d "$home" "$user" >/dev/null 2>&1
configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group"
fi
}
########################
# Check if the script is currently running as root
# Arguments:
# $1 - user
# $2 - group
# Returns:
# Boolean
#########################
am_i_root() {
if [[ "$(id -u)" = "0" ]]; then
true
else
false
fi
}
########################
# Print OS metadata
# Arguments:
# $1 - Flag name
# Flags:
# --id - Distro ID
# --version - Distro version
# --branch - Distro branch
# --codename - Distro codename
# Returns:
# String
#########################
get_os_metadata() {
local -r flag_name="${1:?missing flag}"
# Helper function
get_os_release_metadata() {
local -r env_name="${1:?missing environment variable name}"
(
. /etc/os-release
echo "${!env_name}"
)
}
case "$flag_name" in
--id)
get_os_release_metadata ID
;;
--version)
get_os_release_metadata VERSION_ID
;;
--branch)
get_os_release_metadata VERSION_ID | sed 's/\..*//'
;;
--codename)
get_os_release_metadata VERSION_CODENAME
;;
*)
error "Unknown flag ${flag_name}"
return 1
;;
esac
}
########################
# Get total memory available
# Arguments:
# None
# Returns:
# Memory in bytes
#########################
get_total_memory() {
echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024))
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# None
# Flags:
# --memory - memory size (optional)
# Returns:
# Detected instance size
#########################
get_machine_size() {
local memory=""
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
--memory)
shift
memory="${1:?missing memory}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
if [[ -z "$memory" ]]; then
debug "Memory was not specified, detecting available memory automatically"
memory="$(get_total_memory)"
fi
sanitized_memory=$(convert_to_mb "$memory")
if [[ "$sanitized_memory" -gt 26000 ]]; then
echo 2xlarge
elif [[ "$sanitized_memory" -gt 13000 ]]; then
echo xlarge
elif [[ "$sanitized_memory" -gt 6000 ]]; then
echo large
elif [[ "$sanitized_memory" -gt 3000 ]]; then
echo medium
elif [[ "$sanitized_memory" -gt 1500 ]]; then
echo small
else
echo micro
fi
}
########################
# Get machine size depending on specified memory
# Globals:
# None
# Arguments:
# $1 - memory size (optional)
# Returns:
# Detected instance size
#########################
get_supported_machine_sizes() {
echo micro small medium large xlarge 2xlarge
}
########################
# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048)
# Globals:
# None
# Arguments:
# $1 - memory size
# Returns:
# Result of the conversion
#########################
convert_to_mb() {
local amount="${1:-}"
if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then
size="${BASH_REMATCH[1]}"
unit="${BASH_REMATCH[2]}"
if [[ "$unit" = "g" || "$unit" = "G" ]]; then
amount="$((size * 1024))"
else
amount="$size"
fi
fi
echo "$amount"
}
#########################
# Redirects output to /dev/null if debug mode is disabled
# Globals:
# BITNAMI_DEBUG
# Arguments:
# $@ - Command to execute
# Returns:
# None
#########################
debug_execute() {
if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then
"$@"
else
"$@" >/dev/null 2>&1
fi
}
########################
# Retries a command a given number of times
# Arguments:
# $1 - cmd (as a string)
# $2 - max retries. Default: 12
# $3 - sleep between retries (in seconds). Default: 5
# Returns:
# Boolean
#########################
retry_while() {
local cmd="${1:?cmd is missing}"
local retries="${2:-12}"
local sleep_time="${3:-5}"
local return_value=1
read -r -a command <<<"$cmd"
for ((i = 1; i <= retries; i += 1)); do
"${command[@]}" && return_value=0 && break
sleep "$sleep_time"
done
return $return_value
}
########################
# Generate a random string
# Arguments:
# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii
# -c|--count - Number of characters, defaults to 32
# Arguments:
# None
# Returns:
# None
# Returns:
# String
#########################
generate_random_string() {
local type="ascii"
local count="32"
local filter
local result
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
-t | --type)
shift
type="$1"
;;
-c | --count)
shift
count="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Validate type
case "$type" in
ascii)
filter="[:print:]"
;;
alphanumeric)
filter="a-zA-Z0-9"
;;
numeric)
filter="0-9"
;;
*)
echo "Invalid type ${type}" >&2
return 1
;;
esac
# Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size
# Note there is a very small chance of strings starting with EOL character
# Therefore, the higher amount of lines read, this will happen less frequently
result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")"
echo "$result"
}
########################
# Create md5 hash from a string
# Arguments:
# $1 - string
# Returns:
# md5 hash - string
#########################
generate_md5_hash() {
local -r str="${1:?missing input string}"
echo -n "$str" | md5sum | awk '{print $1}'
}
########################
# Create sha1 hash from a string
# Arguments:
# $1 - string
# $2 - algorithm - 1 (default), 224, 256, 384, 512
# Returns:
# sha1 hash - string
#########################
generate_sha_hash() {
local -r str="${1:?missing input string}"
local -r algorithm="${2:-1}"
echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}'
}
########################
# Converts a string to its hexadecimal representation
# Arguments:
# $1 - string
# Returns:
# hexadecimal representation of the string
#########################
convert_to_hex() {
local -r str=${1:?missing input string}
local -i iterator
local char
for ((iterator = 0; iterator < ${#str}; iterator++)); do
char=${str:iterator:1}
printf '%x' "'${char}"
done
}

122
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libpersistence.sh Normal file
View File

@@ -0,0 +1,122 @@
#!/bin/bash
#
# Bitnami persistence library
# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libversion.sh
# Functions
########################
# Persist an application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# $2 - List of app files to persist
# Returns:
# true if all steps succeeded, false otherwise
#########################
persist_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Persist the individual files
if [[ "${#files_to_persist[@]}" -le 0 ]]; then
warn "No files are configured to be persisted"
return
fi
pushd "$install_dir" >/dev/null || exit
local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder
local -r tmp_file="/tmp/perms.acl"
for file_to_persist in "${files_to_persist[@]}"; do
if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then
error "Cannot persist '${file_to_persist}' because it does not exist"
return 1
fi
file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")"
file_to_persist_destination="${persist_dir}/${file_to_persist_relative}"
file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")"
# Get original permissions for existing files, which will be applied later
# Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume
getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file"
# Copy directories to the volume
ensure_dir_exists "$file_to_persist_destination_folder"
cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder"
# Restore permissions
pushd "$persist_dir" >/dev/null || exit
if am_i_root; then
setfacl --restore="$tmp_file"
else
# When running as non-root, don't change ownership
setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file")
fi
popd >/dev/null || exit
done
popd >/dev/null || exit
rm -f "$tmp_file"
# Install the persisted files into the installation directory, via symlinks
restore_persisted_app "$@"
}
########################
# Restore a persisted application directory
# Globals:
# BITNAMI_ROOT_DIR
# BITNAMI_VOLUME_DIR
# FORCE_MAJOR_UPGRADE
# Arguments:
# $1 - App folder name
# $2 - List of app files to restore
# Returns:
# true if all steps succeeded, false otherwise
#########################
restore_persisted_app() {
local -r app="${1:?missing app}"
local -a files_to_restore
read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")"
local -r install_dir="${BITNAMI_ROOT_DIR}/${app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
# Restore the individual persisted files
if [[ "${#files_to_restore[@]}" -le 0 ]]; then
warn "No persisted files are configured to be restored"
return
fi
local file_to_restore_relative file_to_restore_origin file_to_restore_destination
for file_to_restore in "${files_to_restore[@]}"; do
file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")"
# We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed
file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")"
file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")"
rm -rf "$file_to_restore_origin"
ln -sfn "$file_to_restore_destination" "$file_to_restore_origin"
done
}
########################
# Check if an application directory was already persisted
# Globals:
# BITNAMI_VOLUME_DIR
# Arguments:
# $1 - App folder name
# Returns:
# true if all steps succeeded, false otherwise
#########################
is_app_initialized() {
local -r app="${1:?missing app}"
local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}"
if ! is_mounted_dir_empty "$persist_dir"; then
true
else
false
fi
}

273
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libservice.sh Normal file
View File

@@ -0,0 +1,273 @@
#!/bin/bash
#
# Library for managing services
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Read the provided pid file and returns a PID
# Arguments:
# $1 - Pid file
# Returns:
# PID
#########################
get_pid_from_file() {
local pid_file="${1:?pid file is missing}"
if [[ -f "$pid_file" ]]; then
if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then
echo "$(< "$pid_file")"
fi
fi
}
########################
# Check if a provided PID corresponds to a running service
# Arguments:
# $1 - PID
# Returns:
# Boolean
#########################
is_service_running() {
local pid="${1:?pid is missing}"
kill -0 "$pid" 2>/dev/null
}
########################
# Stop a service by sending a termination signal to its pid
# Arguments:
# $1 - Pid file
# $2 - Signal number (optional)
# Returns:
# None
#########################
stop_service_using_pid() {
local pid_file="${1:?pid file is missing}"
local signal="${2:-}"
local pid
pid="$(get_pid_from_file "$pid_file")"
[[ -z "$pid" ]] || ! is_service_running "$pid" && return
if [[ -n "$signal" ]]; then
kill "-${signal}" "$pid"
else
kill "$pid"
fi
local counter=10
while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do
sleep 1
counter=$((counter - 1))
done
}
########################
# Start cron daemon
# Arguments:
# None
# Returns:
# true if started correctly, false otherwise
#########################
cron_start() {
if [[ -x "/usr/sbin/cron" ]]; then
/usr/sbin/cron
elif [[ -x "/usr/sbin/crond" ]]; then
/usr/sbin/crond
else
false
fi
}
########################
# Generate a cron configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Command
# Flags:
# --run-as - User to run as (default: root)
# --schedule - Cron schedule configuration (default: * * * * *)
# Returns:
# None
#########################
generate_cron_conf() {
local service_name="${1:?service name is missing}"
local cmd="${2:?command is missing}"
local run_as="root"
local schedule="* * * * *"
local clean="true"
local clean="true"
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--run-as)
shift
run_as="$1"
;;
--schedule)
shift
schedule="$1"
;;
--no-clean)
clean="false"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p /etc/cron.d
if "$clean"; then
echo "${schedule} ${run_as} ${cmd}" > /etc/cron.d/"$service_name"
else
echo "${schedule} ${run_as} ${cmd}" >> /etc/cron.d/"$service_name"
fi
}
########################
# Remove a cron configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_cron_conf() {
local service_name="${1:?service name is missing}"
local cron_conf_dir="/etc/monit/conf.d"
rm -f "${cron_conf_dir}/${service_name}"
}
########################
# Generate a monit configuration file for a given service
# Arguments:
# $1 - Service name
# $2 - Pid file
# $3 - Start command
# $4 - Stop command
# Flags:
# --disable - Whether to disable the monit configuration
# Returns:
# None
#########################
generate_monit_conf() {
local service_name="${1:?service name is missing}"
local pid_file="${2:?pid file is missing}"
local start_command="${3:?start command is missing}"
local stop_command="${4:?stop command is missing}"
local monit_conf_dir="/etc/monit/conf.d"
local disabled="no"
# Parse optional CLI flags
shift 4
while [[ "$#" -gt 0 ]]; do
case "$1" in
--disable)
disabled="yes"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
is_boolean_yes "$disabled" && conf_suffix=".disabled"
mkdir -p "$monit_conf_dir"
cat >"${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <<EOF
check process ${service_name}
with pidfile "${pid_file}"
start program = "${start_command}" with timeout 90 seconds
stop program = "${stop_command}" with timeout 90 seconds
EOF
}
########################
# Remove a monit configuration file for a given service
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_monit_conf() {
local service_name="${1:?service name is missing}"
local monit_conf_dir="/etc/monit/conf.d"
rm -f "${monit_conf_dir}/${service_name}.conf"
}
########################
# Generate a logrotate configuration file
# Arguments:
# $1 - Service name
# $2 - Log files pattern
# Flags:
# --period - Period
# --rotations - Number of rotations to store
# --extra - Extra options (Optional)
# Returns:
# None
#########################
generate_logrotate_conf() {
local service_name="${1:?service name is missing}"
local log_path="${2:?log path is missing}"
local period="weekly"
local rotations="150"
local extra=""
local logrotate_conf_dir="/etc/logrotate.d"
local var_name
# Parse optional CLI flags
shift 2
while [[ "$#" -gt 0 ]]; do
case "$1" in
--period|--rotations|--extra)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "$var_name"="${1:?"$var_name" is missing}"
;;
*)
echo "Invalid command line flag ${1}" >&2
return 1
;;
esac
shift
done
mkdir -p "$logrotate_conf_dir"
cat <<EOF | sed '/^\s*$/d' >"${logrotate_conf_dir}/${service_name}"
${log_path} {
${period}
rotate ${rotations}
dateext
compress
copytruncate
missingok
$(indent "$extra" 2)
}
EOF
}
########################
# Remove a logrotate configuration file
# Arguments:
# $1 - Service name
# Returns:
# None
#########################
remove_logrotate_conf() {
local service_name="${1:?service name is missing}"
local logrotate_conf_dir="/etc/logrotate.d"
rm -f "${logrotate_conf_dir}/${service_name}"
}

264
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libvalidations.sh Normal file
View File

@@ -0,0 +1,264 @@
#!/bin/bash
#
# Validation functions library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Check if the provided argument is an integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_int() {
local -r int="${1:?missing value}"
if [[ "$int" =~ ^-?[0-9]+ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a positive integer
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_positive_int() {
local -r int="${1:?missing value}"
if is_int "$int" && (( "${int}" >= 0 )); then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean or is the string 'yes/true'
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_boolean_yes() {
local -r bool="${1:-}"
# comparison is performed without regard to the case of alphabetic characters
shopt -s nocasematch
if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean yes/no value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_yes_no_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(yes|no)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean true/false value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_true_false_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^(true|false)$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is a boolean 1/0 value
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_1_0_value() {
local -r bool="${1:-}"
if [[ "$bool" =~ ^[10]$ ]]; then
true
else
false
fi
}
########################
# Check if the provided argument is an empty string or not defined
# Arguments:
# $1 - Value to check
# Returns:
# Boolean
#########################
is_empty_value() {
local -r val="${1:-}"
if [[ -z "$val" ]]; then
true
else
false
fi
}
########################
# Validate if the provided argument is a valid port
# Arguments:
# $1 - Port to validate
# Returns:
# Boolean and error message
#########################
validate_port() {
local value
local unprivileged=0
# Parse flags
while [[ "$#" -gt 0 ]]; do
case "$1" in
-unprivileged)
unprivileged=1
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [[ "$#" -gt 1 ]]; then
echo "too many arguments provided"
return 2
elif [[ "$#" -eq 0 ]]; then
stderr_print "missing port argument"
return 1
else
value=$1
fi
if [[ -z "$value" ]]; then
echo "the value is empty"
return 1
else
if ! is_int "$value"; then
echo "value is not an integer"
return 2
elif [[ "$value" -lt 0 ]]; then
echo "negative value provided"
return 2
elif [[ "$value" -gt 65535 ]]; then
echo "requested port is greater than 65535"
return 2
elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then
echo "privileged port requested"
return 3
fi
fi
}
########################
# Validate if the provided argument is a valid IPv4 address
# Arguments:
# $1 - IP to validate
# Returns:
# Boolean
#########################
validate_ipv4() {
local ip="${1:?ip is missing}"
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")"
[[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \
&& ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]]
stat=$?
fi
return $stat
}
########################
# Validate a string format
# Arguments:
# $1 - String to validate
# Returns:
# Boolean
#########################
validate_string() {
local string
local min_length=-1
local max_length=-1
# Parse flags
while [ "$#" -gt 0 ]; do
case "$1" in
-min-length)
shift
min_length=${1:-}
;;
-max-length)
shift
max_length=${1:-}
;;
--)
shift
break
;;
-*)
stderr_print "unrecognized flag $1"
return 1
;;
*)
break
;;
esac
shift
done
if [ "$#" -gt 1 ]; then
stderr_print "too many arguments provided"
return 2
elif [ "$#" -eq 0 ]; then
stderr_print "missing string"
return 1
else
string=$1
fi
if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then
echo "string length is less than $min_length"
return 1
fi
if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then
echo "string length is great than $max_length"
return 1
fi
}

49
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libversion.sh Normal file
View File

@@ -0,0 +1,49 @@
#!/bin/bash
#
# Library for managing versions strings
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/liblog.sh
# Functions
########################
# Gets semantic version
# Arguments:
# $1 - version: string to extract major.minor.patch
# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch
# Returns:
# array with the major, minor and release
#########################
get_sematic_version () {
local version="${1:?version is required}"
local section="${2:?section is required}"
local -a version_sections
#Regex to parse versions: x.y.z
local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?'
if [[ "$version" =~ $regex ]]; then
local i=1
local j=1
local n=${#BASH_REMATCH[*]}
while [[ $i -lt $n ]]; do
if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then
version_sections[$j]=${BASH_REMATCH[$i]}
((j++))
fi
((i++))
done
local number_regex='^[0-9]+$'
if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then
echo "${version_sections[$section]}"
return
else
stderr_print "Section allowed values are: 1, 2, and 3"
return 1
fi
fi
}

458
bitnami/drupal-nginx/9/debian-10/prebuildfs/opt/bitnami/scripts/libwebserver.sh Normal file
View File

@@ -0,0 +1,458 @@
#!/bin/bash
#
# Bitnami web server handler library
# shellcheck disable=SC1090,SC1091
# Load generic libraries
. /opt/bitnami/scripts/liblog.sh
########################
# Execute a command (or list of commands) with the web server environment and library loaded
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_execute() {
local -r web_server="${1:?missing web server}"
shift
# Run program in sub-shell to avoid web server environment getting loaded when not necessary
(
. "/opt/bitnami/scripts/lib${web_server}.sh"
. "/opt/bitnami/scripts/${web_server}-env.sh"
"$@"
)
}
########################
# Prints the list of enabled web servers
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_list() {
local -r -a supported_web_servers=(apache nginx)
local -a existing_web_servers=()
for web_server in "${supported_web_servers[@]}"; do
[[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server")
done
echo "${existing_web_servers[@]:-}"
}
########################
# Prints the currently-enabled web server type (only one, in order of preference)
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_type() {
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
echo "${web_servers[0]:-}"
}
########################
# Validate that a supported web server is configured
# Globals:
# None
# Arguments:
# None
# Returns:
# None
#########################
web_server_validate() {
local error_code=0
local supported_web_servers=("apache" "nginx")
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then
print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}"
elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then
print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable."
fi
return "$error_code"
}
########################
# Check whether the web server is running
# Globals:
# *
# Arguments:
# None
# Returns:
# true if the web server is running, false otherwise
#########################
is_web_server_running() {
"is_$(web_server_type)_running"
}
########################
# Start web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_start() {
info "Starting $(web_server_type) in background"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh"
}
########################
# Stop web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_stop() {
info "Stopping $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh"
}
########################
# Restart web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_restart() {
info "Restarting $(web_server_type)"
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh"
}
########################
# Reload web server
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_reload() {
"${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh"
}
########################
# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on which configuration template to use
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --disable - Whether to render server configurations with a .disabled prefix
# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix
# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix
# --http-port - HTTP port number
# --https-port - HTTPS port number
# --document-root - Path to document root directory
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default)
# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default)
# --apache-before-vhost-configuration - Configuration to add before the <VirtualHost> directive (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined)
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-proxy-address - Address where to proxy requests
# --apache-proxy-configuration - Extra configuration for the proxy
# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost
# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined)
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# --nginx-external-configuration - Configuration external to server block (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_app_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--disable \
| --disable-http \
| --disable-https \
)
apache_args+=("$1")
nginx_args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --type \
| --allow-remote-connections \
| --http-port \
| --https-port \
| --document-root \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-additional-http-configuration \
| --apache-additional-https-configuration \
| --apache-before-vhost-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-proxy-address \
| --apache-proxy-configuration \
| --apache-proxy-http-configuration \
| --apache-proxy-https-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "${2:?missing value}")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration \
| --nginx-external-configuration)
nginx_args+=("${1//nginx-/}" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Returns:
# true if the configuration was disabled, false otherwise
########################
ensure_web_server_app_configuration_not_exists() {
local app="${1:?missing app}"
local -a web_servers
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app"
done
}
########################
# Ensure the web server loads the configuration for an application in a URL prefix
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --document-root - Path to document root directory
# --prefix - URL prefix from where it will be accessible (i.e. /myapp)
# --type - Application type, which has an effect on what configuration template will be used
# Apache-specific flags:
# --apache-additional-configuration - Additional vhost configuration (no default)
# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no')
# --apache-extra-directory-configuration - Extra configuration for the document root directory
# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup
# NGINX-specific flags:
# --nginx-additional-configuration - Additional server block configuration (no default)
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_web_server_prefix_configuration_exists() {
local app="${1:?missing app}"
shift
local -a apache_args nginx_args web_servers args_var
apache_args=("$app")
nginx_args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--allow-remote-connections \
| --document-root \
| --prefix \
| --type \
)
apache_args+=("$1" "${2:?missing value}")
nginx_args+=("$1" "${2:?missing value}")
shift
;;
# Specific Apache flags
--apache-additional-configuration \
| --apache-allow-override \
| --apache-extra-directory-configuration \
| --apache-move-htaccess \
)
apache_args+=("${1//apache-/}" "$2")
shift
;;
# Specific NGINX flags
--nginx-additional-configuration)
nginx_args+=("${1//nginx-/}" "$2")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
args_var="${web_server}_args[@]"
web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}"
done
}
########################
# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports)
# It serves as a wrapper for the specific web server function
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --hosts - Host listen addresses
# --server-name - Server name
# --server-aliases - Server aliases
# --enable-http - Enable HTTP app configuration (if not enabled already)
# --enable-https - Enable HTTPS app configuration (if not enabled already)
# --disable-http - Disable HTTP app configuration (if not disabled already)
# --disable-https - Disable HTTPS app configuration (if not disabled already)
# --http-port - HTTP port number
# --https-port - HTTPS port number
# Returns:
# true if the configuration was updated, false otherwise
########################
web_server_update_app_configuration() {
local app="${1:?missing app}"
shift
local -a args web_servers
args=("$app")
# Validate arguments
while [[ "$#" -gt 0 ]]; do
case "$1" in
# Common flags
--enable-http \
| --enable-https \
| --disable-http \
| --disable-https \
)
args+=("$1")
;;
--hosts \
| --server-name \
| --server-aliases \
| --http-port \
| --https-port \
)
args+=("$1" "${2:?missing value}")
shift
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
read -r -a web_servers <<< "$(web_server_list)"
for web_server in "${web_servers[@]}"; do
web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}"
done
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_enable_loading_page() {
ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \
--apache-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
RedirectMatch 503 ^/$
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
ErrorDocument 404 /index.html
ErrorDocument 503 /index.html" \
--nginx-additional-configuration "
# Show a HTTP 503 Service Unavailable page by default
location / {
return 503;
}
# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes
error_page 404 @installing;
error_page 503 @installing;
location @installing {
rewrite ^(.*)$ /index.html break;
}"
web_server_reload
}
########################
# Enable loading page, which shows users that the initialization process is not yet completed
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
web_server_disable_install_page() {
ensure_web_server_app_configuration_not_exists "__loading"
web_server_reload
}

24
bitnami/drupal-nginx/9/debian-10/prebuildfs/usr/sbin/install_packages Executable file
View File

@@ -0,0 +1,24 @@
#!/bin/sh
set -e
set -u
export DEBIAN_FRONTEND=noninteractive
n=0
max=2
until [ $n -gt $max ]; do
set +e
(
apt-get update -qq &&
apt-get install -y --no-install-recommends "$@"
)
CODE=$?
set -e
if [ $CODE -eq 0 ]; then
break
fi
if [ $n -eq $max ]; then
exit $CODE
fi
echo "apt failed, retrying"
n=$(($n + 1))
done
rm -r /var/lib/apt/lists /var/cache/apt/archives

17
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/nginx/conf/bitnami/certs/server.crt Normal file
View File

@@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICqDCCAZACCQCz8T3726LYsjANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDDAtl
eGFtcGxlLmNvbTAeFw0xMjExMTQxMTE4MjdaFw0yMjExMTIxMTE4MjdaMBYxFDAS
BgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2SixwPL5c8glneI
Rz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC+Cup0k+Kd4NM
eZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICzdtRa3MXqTmEF
foyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg7Gj95zCH73BQ
ANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0uOSTNRcXY6rw
s+PxGneec/kRPRgzjC/QHY6n8QIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBbyMqF
RDsX8zX1EW5qA8AQ8Jb2XqWrVeSO8blMV3WagJ2airMm3+c/82FCwsd/cZ08UXhA
/Kou0gi/F16tV26PiiUdp590Qao3d8H2qxc1rzzULimZPgxH4iA4vRyMHtyZN6h4
7Fdn7O9xNMPu8siOz8rrzsEdEX5URbOMkDLCZsbTIUWVv2XmqrR0K10d5VuLWeLi
r+4G6c6jpa244WmqT9ClqceJ12G1Wnmezy7ybiW0l5M2iuIKFEiRP5Hj0J15o1I2
pXAbKysAdWRHsJSQOtcgO8Vh9k0wo3tKg4HDp1hbrEzoGzOv92Vjg3lG8X+hzbMJ
MQURotHkD4Gk57wL
-----END CERTIFICATE-----

27
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/nginx/conf/bitnami/certs/server.key Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2Si
xwPL5c8glneIRz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC
+Cup0k+Kd4NMeZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICz
dtRa3MXqTmEFfoyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg
7Gj95zCH73BQANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0
uOSTNRcXY6rws+PxGneec/kRPRgzjC/QHY6n8QIDAQABAoIBACo3G131tuGtpFTu
xLW11vdYZXQklNlGuWp63IBI162yVv54B5wF9Ek6tH1uIiNaiREcRBxGVEB4/+3V
R4SbN9Ba98RDbgu7TcipdTFaqOEMqFO1bNjSXWtip14zSBmqA2Ur1AHOnFj0awGD
J8tBhsmOpcEz0Ch1VdO5ApPvLV8jH9wQiMI/Q6yYQMtmzTMCUMYdMqe+LOziIOzL
oqN/WXnKL5E5TiO1bIxSpWPbT+IVn1c3/PShmvmRrLWsFUQlkwXJKMYZPO+rCCfe
b+Q9lMLMnj+vOnM3z16WC3aiiJGCZjVTvQ+x22YrBTRPxZmHO2eZ4H/cUQM7Y/tw
I7RjEM0CgYEA9Kxt1t8bWonzBii3P0rwyx0IECvg63k+pp4BpxpeWQKL7NVdSzk3
AyJVcNjUoZgi2kVPdxzZGLrnZfuZ691xQB3oZF0LwBzQ4GFHkTRCB0s8ZA5lcJaI
9pBu91bhz2VOZSTeQWpdMMURjXVyTXZInU1mwzmjVOIAYmO33shH9gcCgYEA72mX
UoIrFPLkOTSZOb7UbjYH01vf6ThQiYCEWg7mD3CbY7n9oobIcQMzNnt7xN4wOl/V
eKfZ7G56q8enfqm45Dyo9aCBCENVzmwO8wLe5UnvJBNL20KjvtwG8w5A6UZQzC7p
3QS+U2zxVQNEeaE6a8Wrq2d1PlhVAHYw8odgNEcCgYBN38+58xrmrz99d1oTuAt5
6kyVsRGOgPGS4HmQMRFUbT4R7DscZSKASd4945WRtTVqmWLYe4MRnvNlfzYXX0zb
ZmmAAClsRP+qWuwHaEWXwrd+9SIOOqtvJrta1/lZJFpWUOy4j10H18Flb7sosnwc
LPWHL4Iv0xriNfDg5Iga4wKBgQDLJBU59SkJBW+Q+oho7vrg6QeK15IOGbJ8eYfT
woCC6VFwNQh5N1QsUELMH8rNKJpTba18SzAl5ThBOY9tciVnw/C5Og9CK6BLHnUw
zWbDtxAq1BSxXsIB2EAtTBLX3MoB9myJFNVJhE7hi3w2mA8yEu+u6IIa/Ghjk+XE
ZAnFUQKBgQDjMinRZrK5wA09jcetI+dNiLnKHoQG6OaXDDsNCatex0O2F36BvVXE
P78qDz/i5aBMWsLx6VDvWJAkBIpZoNS5UsOn17tFaocGUSkcm48bs8Dn6VvsE8Bd
XMPAHyKuILlKYifBvNq5T22KhqKX7yGmk/AeOOiKr2KeMnh27JYrCA==
-----END RSA PRIVATE KEY-----

4
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf Normal file
View File

@@ -0,0 +1,4 @@
# Deny all attempts to access hidden files such as .htaccess or .htpasswd
location ~ /\. {
deny all;
}

60
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/nginx/conf/nginx.conf Normal file
View File

@@ -0,0 +1,60 @@
# Based on https://www.nginx.com/resources/wiki/start/topics/examples/full/#nginx-conf
user www www; ## Default: nobody
worker_processes auto;
error_log "/opt/bitnami/nginx/logs/error.log";
pid "/opt/bitnami/nginx/tmp/nginx.pid";
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log "/opt/bitnami/nginx/logs/access.log" main;
add_header X-Frame-Options SAMEORIGIN;
client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2;
proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2;
fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2;
scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2;
uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2;
sendfile on;
tcp_nopush on;
tcp_nodelay off;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/javascript text/xml application/xml+rss;
keepalive_timeout 65;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
client_max_body_size 80M;
server_tokens off;
absolute_redirect off;
port_in_redirect off;
include "/opt/bitnami/nginx/conf/server_blocks/*.conf";
# HTTP Server
server {
# Port to listen on, can also be set in IP:PORT format
listen 80;
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
location /status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
}

118
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh Normal file
View File

@@ -0,0 +1,118 @@
#!/bin/bash
#
# Environment configuration for drupal
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-drupal}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
drupal_env_vars=(
DRUPAL_DATA_TO_PERSIST
DRUPAL_PROFILE
DRUPAL_SITE_NAME
DRUPAL_SKIP_BOOTSTRAP
DRUPAL_ENABLE_MODULES
DRUPAL_CONFIG_SYNC_DIR
DRUPAL_HASH_SALT
DRUPAL_USERNAME
DRUPAL_PASSWORD
DRUPAL_EMAIL
DRUPAL_SMTP_HOST
DRUPAL_SMTP_PORT_NUMBER
DRUPAL_SMTP_USER
DRUPAL_SMTP_PASSWORD
DRUPAL_SMTP_PROTOCOL
DRUPAL_DATABASE_HOST
DRUPAL_DATABASE_PORT_NUMBER
DRUPAL_DATABASE_NAME
DRUPAL_DATABASE_USER
DRUPAL_DATABASE_PASSWORD
DRUPAL_DATABASE_TLS_CA_FILE
SMTP_HOST
SMTP_PORT
DRUPAL_SMTP_PORT
SMTP_USER
SMTP_PASSWORD
SMTP_PROTOCOL
MARIADB_HOST
MARIADB_PORT_NUMBER
)
for env_var in "${drupal_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset drupal_env_vars
# Paths
export DRUPAL_BASE_DIR="${BITNAMI_ROOT_DIR}/drupal"
export DRUPAL_CONF_FILE="${DRUPAL_BASE_DIR}/sites/default/settings.php"
export DRUPAL_MODULES_DIR="${DRUPAL_BASE_DIR}/modules"
# Drupal persistence configuration
export DRUPAL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/drupal"
export DRUPAL_MOUNTED_CONF_FILE="${DRUPAL_VOLUME_DIR}/settings.php"
export DRUPAL_DATA_TO_PERSIST="${DRUPAL_DATA_TO_PERSIST:-sites/ themes/ modules/ profiles/}"
# Drupal configuration
export DRUPAL_PROFILE="${DRUPAL_PROFILE:-standard}" # only used during the first initialization
export DRUPAL_SITE_NAME="${DRUPAL_SITE_NAME:-My blog}" # only used during the first initialization
export DRUPAL_SKIP_BOOTSTRAP="${DRUPAL_SKIP_BOOTSTRAP:-}" # only used during the first initialization
export DRUPAL_ENABLE_MODULES="${DRUPAL_ENABLE_MODULES:-}" # only used during the first initialization
export DRUPAL_CONFIG_SYNC_DIR="${DRUPAL_CONFIG_SYNC_DIR:-}" # only used during the first initialization
export DRUPAL_HASH_SALT="${DRUPAL_HASH_SALT:-}" # only used during the first initialization
# Drupal credentials
export DRUPAL_USERNAME="${DRUPAL_USERNAME:-user}" # only used during the first initialization
export DRUPAL_PASSWORD="${DRUPAL_PASSWORD:-bitnami}" # only used during the first initialization
export DRUPAL_EMAIL="${DRUPAL_EMAIL:-user@example.com}" # only used during the first initialization
# Drupal SMTP credentials
DRUPAL_SMTP_HOST="${DRUPAL_SMTP_HOST:-"${SMTP_HOST:-}"}"
export DRUPAL_SMTP_HOST="${DRUPAL_SMTP_HOST:-}" # only used during the first initialization
DRUPAL_SMTP_PORT_NUMBER="${DRUPAL_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}"
DRUPAL_SMTP_PORT_NUMBER="${DRUPAL_SMTP_PORT_NUMBER:-"${DRUPAL_SMTP_PORT:-}"}"
export DRUPAL_SMTP_PORT_NUMBER="${DRUPAL_SMTP_PORT_NUMBER:-25}" # only used during the first initialization
DRUPAL_SMTP_USER="${DRUPAL_SMTP_USER:-"${SMTP_USER:-}"}"
export DRUPAL_SMTP_USER="${DRUPAL_SMTP_USER:-}" # only used during the first initialization
DRUPAL_SMTP_PASSWORD="${DRUPAL_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}"
export DRUPAL_SMTP_PASSWORD="${DRUPAL_SMTP_PASSWORD:-}" # only used during the first initialization
DRUPAL_SMTP_PROTOCOL="${DRUPAL_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}"
export DRUPAL_SMTP_PROTOCOL="${DRUPAL_SMTP_PROTOCOL:-standard}" # only used during the first initialization
# Database configuration
export DRUPAL_DEFAULT_DATABASE_HOST="mariadb" # only used at build time
DRUPAL_DATABASE_HOST="${DRUPAL_DATABASE_HOST:-"${MARIADB_HOST:-}"}"
export DRUPAL_DATABASE_HOST="${DRUPAL_DATABASE_HOST:-$DRUPAL_DEFAULT_DATABASE_HOST}" # only used during the first initialization
DRUPAL_DATABASE_PORT_NUMBER="${DRUPAL_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}"
export DRUPAL_DATABASE_PORT_NUMBER="${DRUPAL_DATABASE_PORT_NUMBER:-3306}" # only used during the first initialization
export DRUPAL_DATABASE_NAME="${DRUPAL_DATABASE_NAME:-bitnami_drupal}" # only used during the first initialization
export DRUPAL_DATABASE_USER="${DRUPAL_DATABASE_USER:-bn_drupal}" # only used during the first initialization
export DRUPAL_DATABASE_PASSWORD="${DRUPAL_DATABASE_PASSWORD:-}" # only used during the first initialization
export DRUPAL_DATABASE_TLS_CA_FILE="${DRUPAL_DATABASE_TLS_CA_FILE:-}" # only used during the first initialization
# PHP configuration
export PHP_DEFAULT_MEMORY_LIMIT="256M" # only used at build time
# Custom environment variables may be defined below

31
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/drupal/entrypoint.sh Executable file
View File

@@ -0,0 +1,31 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Drupal environment
. /opt/bitnami/scripts/drupal-env.sh
# Load libraries
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libwebserver.sh
print_welcome_page
if [[ "$1" = "/opt/bitnami/scripts/$(web_server_type)/run.sh" || "$1" = "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]]; then
info "** Starting Drupal setup **"
/opt/bitnami/scripts/"$(web_server_type)"/setup.sh
/opt/bitnami/scripts/php/setup.sh
/opt/bitnami/scripts/mysql-client/setup.sh
/opt/bitnami/scripts/drupal/setup.sh
/post-init.sh
info "** Drupal setup finished! **"
fi
echo ""
exec "$@"

127
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/drupal/postunpack.sh Executable file
View File

@@ -0,0 +1,127 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Drupal environment
. /opt/bitnami/scripts/drupal-env.sh
# Load PHP environment for 'php_conf_set' (after 'drupal-env.sh' so that MODULE is not set to a wrong value)
. /opt/bitnami/scripts/php-env.sh
# Load libraries
. /opt/bitnami/scripts/libdrupal.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load web server environment and functions (after Drupal environment file so MODULE is not set to a wrong value)
. "/opt/bitnami/scripts/$(web_server_type)-env.sh"
# Enable Drupal configuration file
[[ ! -f "$DRUPAL_CONF_FILE" ]] && cp "${DRUPAL_BASE_DIR}/sites/default/default.settings.php" "$DRUPAL_CONF_FILE"
# Create .htaccess file to avoid warning in Drupal administration panel
drupal_fix_htaccess_warning_protection
# Ensure the Drupal base directory exists and has proper permissions
info "Configuring file permissions for Drupal"
for dir in "$DRUPAL_BASE_DIR" "${DRUPAL_BASE_DIR}/sites/default/files" "$DRUPAL_VOLUME_DIR" "${HOME}/.drush"; do
ensure_dir_exists "$dir"
configure_permissions_ownership "$dir" -d "775" -f "664"
done
for dir in "${DRUPAL_BASE_DIR}/themes" "${DRUPAL_BASE_DIR}/modules" "${DRUPAL_BASE_DIR}/sites/default/files"; do
ensure_dir_exists "$dir"
configure_permissions_ownership "$dir" -u "$WEB_SERVER_DAEMON_USER" -g "root"
done
chown "$WEB_SERVER_DAEMON_USER" "${DRUPAL_BASE_DIR}/sites/default"
chown "$WEB_SERVER_DAEMON_USER" "$DRUPAL_CONF_FILE"
for script in "${DRUPAL_BASE_DIR}/vendor/drush/drush/drush" "${DRUPAL_BASE_DIR}/vendor/drush/drush/drush.launcher"; do
[[ -f "$script" ]] && chmod +x "$script"
done
# Configure Drupal based on build-time defaults
drupal_conf_set "\$settings['trusted_host_patterns']" "array('^.*$')" yes
# Configure required PHP options for application to work properly, based on build-time defaults
info "Configuring default PHP options for Drupal"
php_conf_set memory_limit "$PHP_DEFAULT_MEMORY_LIMIT"
# Enable default web server configuration for Drupal
info "Creating default web server configuration for Drupal"
web_server_validate
ensure_web_server_app_configuration_exists "drupal" \
--type php \
--nginx-additional-configuration $'
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/sites/.*/private/ {
return 403;
}
# Block access to scripts in site files directory
location ~ ^/sites/[^/]+/files/.*\.php$ {
deny all;
}
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ {
allow all;
}
location / {
try_files $uri /index.php?$query_string;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
# Don\'t allow direct access to PHP files in the vendor directory.
location ~ /vendor/.*\.php$ {
deny all;
return 404;
}
# Fighting with Styles? This little gem is amazing.
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
# Handle private files through Drupal. Private file\'s path can come
# with a language prefix.
location ~ ^(/[a-z\-]+)?/system/files/ {
try_files $uri /index.php?$query_string;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri @rewrite;
expires max;
log_not_found off;
}'
# Fix common issues running Drupal on top of the NGINX web server, if enabled
# See: https://pantheon.io/blog/update-your-nginx-config-drupal-8
nginx_php_fpm_conf_file="${BITNAMI_ROOT_DIR}/nginx/conf/bitnami/php-fpm.conf"
if [[ -f "$nginx_php_fpm_conf_file" ]]; then
replace_in_file "$nginx_php_fpm_conf_file" '^(\s*)(fastcgi_index\s+index\.php;)$' '\1\2\n\1fastcgi_split_path_info ^(.+?\.php)(|/.*)$;'
replace_in_file "$nginx_php_fpm_conf_file" '(\s\\.php\$)(\s)' '\1|^/update.php\2'
fi
# Re-create .htaccess file after being moved into 'apache/conf/vhosts/htaccess' directory, to avoid Drupal warning
drupal_fix_htaccess_warning_protection

36
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/drupal/setup.sh Executable file
View File

@@ -0,0 +1,36 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load Drupal environment
. /opt/bitnami/scripts/drupal-env.sh
# Load MySQL Client environment for 'mysql_remote_execute' (after 'drupal-env.sh' so that MODULE is not set to a wrong value)
if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then
. /opt/bitnami/scripts/mysql-client-env.sh
elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then
. /opt/bitnami/scripts/mysql-env.sh
elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then
. /opt/bitnami/scripts/mariadb-env.sh
fi
# Load libraries
. /opt/bitnami/scripts/libdrupal.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load web server environment and functions (after Drupal environment file so MODULE is not set to a wrong value)
. "/opt/bitnami/scripts/$(web_server_type)-env.sh"
# Ensure Drupal environment variables are valid
drupal_validate
# Update web server configuration with runtime environment (needs to happen before the initialization)
web_server_update_app_configuration "drupal"
# Ensure Drupal is initialized
drupal_initialize

573
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh Normal file
View File

@@ -0,0 +1,573 @@
#!/bin/bash
#
# Bitnami Drupal library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libnet.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libversion.sh
. /opt/bitnami/scripts/libpersistence.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load database library
if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then
. /opt/bitnami/scripts/libmysqlclient.sh
elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then
. /opt/bitnami/scripts/libmysql.sh
elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then
. /opt/bitnami/scripts/libmariadb.sh
fi
########################
# Validate settings in DRUPAL_* env vars
# Globals:
# DRUPAL_*
# Arguments:
# None
# Returns:
# 0 if the validation succeeded, 1 otherwise
#########################
drupal_validate() {
debug "Validating settings in DRUPAL_* environment variables..."
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
check_multi_value() {
if [[ " ${2} " != *" ${!1} "* ]]; then
print_validation_error "The allowed values for ${1} are: ${2}"
fi
}
check_yes_no_value() {
if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then
print_validation_error "The allowed values for ${1} are: yes no"
fi
}
check_resolved_hostname() {
if ! is_hostname_resolved "$1"; then
warn "Hostname $1 could not be resolved. This could lead to connection issues"
fi
}
check_mounted_file() {
if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then
print_validation_error "The variable ${1} is defined but the file ${!1} is not accessible or does not exist"
fi
}
check_valid_port() {
local port_var="${1:?missing port variable}"
local err
if ! err="$(validate_port "${!port_var}")"; then
print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}."
fi
}
# Warn users in case the configuration file is not writable
is_file_writable "$DRUPAL_CONF_FILE" || warn "The Drupal configuration file '${DRUPAL_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file."
# Validate user inputs
! is_empty_value "$DRUPAL_SKIP_BOOTSTRAP" && check_yes_no_value "DRUPAL_SKIP_BOOTSTRAP"
! is_empty_value "$DRUPAL_DATABASE_PORT_NUMBER" && check_valid_port "DRUPAL_DATABASE_PORT_NUMBER"
! is_empty_value "$DRUPAL_DATABASE_HOST" && check_resolved_hostname "$DRUPAL_DATABASE_HOST"
check_mounted_file "DRUPAL_DATABASE_TLS_CA_FILE"
# Validate database credentials
if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then
warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment."
else
for empty_env_var in "DRUPAL_DATABASE_PASSWORD" "DRUPAL_PASSWORD"; do
is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments."
done
fi
# Validate SMTP credentials
if ! is_empty_value "$DRUPAL_SMTP_HOST"; then
for empty_env_var in "DRUPAL_SMTP_USER" "DRUPAL_SMTP_PASSWORD"; do
is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set."
done
is_empty_value "$DRUPAL_SMTP_PORT_NUMBER" && print_validation_error "The DRUPAL_SMTP_PORT_NUMBER environment variable is empty or not set."
! is_empty_value "$DRUPAL_SMTP_PORT_NUMBER" && check_valid_port "DRUPAL_SMTP_PORT_NUMBER"
! is_empty_value "$DRUPAL_SMTP_PROTOCOL" && check_multi_value "DRUPAL_SMTP_PROTOCOL" "standard tls ssl"
fi
# Check that the web server is properly set up
web_server_validate || print_validation_error "Web server validation failed"
return "$error_code"
}
########################
# Ensure Drupal is initialized
# Globals:
# DRUPAL_*
# Arguments:
# None
# Returns:
# None
#########################
drupal_initialize() {
# Update Drupal configuration via mounted configuration files and environment variables
if is_file_writable "$DRUPAL_CONF_FILE"; then
# Enable mounted configuration files
if [[ -f "$DRUPAL_MOUNTED_CONF_FILE" ]]; then
info "Found mounted Drupal configuration file '${DRUPAL_MOUNTED_CONF_FILE}', copying to '${DRUPAL_CONF_FILE}'"
cp "$DRUPAL_MOUNTED_CONF_FILE" "$DRUPAL_CONF_FILE"
return
fi
fi
# Check if Drupal has already been initialized and persisted in a previous run
local -r app_name="drupal"
if ! is_app_initialized "$app_name"; then
info "Trying to connect to the database server"
drupal_wait_for_db_connection "$DRUPAL_DATABASE_HOST" "$DRUPAL_DATABASE_PORT_NUMBER" "$DRUPAL_DATABASE_NAME" "$DRUPAL_DATABASE_USER" "$DRUPAL_DATABASE_PASSWORD"
# Ensure the Drupal base directory exists and has proper permissions
info "Configuring file permissions for Drupal"
ensure_dir_exists "$DRUPAL_VOLUME_DIR"
# Use daemon:root ownership for compatibility when running as a non-root user
am_i_root && configure_permissions_ownership "$DRUPAL_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root"
if ! is_boolean_yes "$DRUPAL_SKIP_BOOTSTRAP"; then
# Perform initial bootstrapping for Drupal
info "Installing Drupal site"
drupal_site_install
if ! is_empty_value "$DRUPAL_ENABLE_MODULES"; then
info "Enabling Drupal modules"
drupal_enable_modules
fi
if ! is_empty_value "$DRUPAL_SMTP_HOST"; then
info "Configuring SMTP"
drupal_configure_smtp
fi
info "Flushing Drupal cache"
drupal_flush_cache
else
info "An already initialized Drupal database was provided, configuration will be skipped"
if is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE"; then
drupal_set_database_settings
else
drupal_set_database_ssl_settings
fi
# Drupal expects a directory for storing site configuration
# For more info see https://www.drupal.org/docs/configuration-management
drupal_create_config_directory
# Drupal needs a hash value to build one-time login links, cancel links, form tokens, etc.
drupal_set_hash_salt
drupal_update_database
fi
info "Persisting Drupal installation"
persist_app "$app_name" "$DRUPAL_DATA_TO_PERSIST"
else
info "Restoring persisted Drupal installation"
restore_persisted_app "$app_name" "$DRUPAL_DATA_TO_PERSIST"
info "Trying to connect to the database server"
db_host="$(drupal_database_conf_get 'host')"
db_port="$(drupal_database_conf_get 'port')"
db_name="$(drupal_database_conf_get 'database')"
db_user="$(drupal_database_conf_get 'username')"
db_pass="$(drupal_database_conf_get 'password')"
drupal_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass"
drupal_update_database
fi
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Get a database entry from the Drupal configuration file (settings.php)
# Globals:
# DRUPAL_*
# Arguments:
# $1 - Key
# Returns:
# None
#########################
drupal_database_conf_get() {
local -r key="${1:?key missing}"
debug "Getting ${key} from Drupal database configuration"
grep -E "^\s*'${key}' =>" "$DRUPAL_CONF_FILE" | grep -E -o "=> '.*'" | cut -f2 -d\'
}
########################
# Add or modify an entry in the Drupal configuration file (settings.php)
# Globals:
# DRUPAL_*
# Arguments:
# $1 - PHP variable name
# $2 - Value to assign to the PHP variable
# $3 - Whether the value is a literal, or if instead it should be quoted (default: no)
# Returns:
# None
#########################
drupal_conf_set() {
local -r key="${1:?key missing}"
local -r value="${2:?value missing}"
local -r is_literal="${3:-no}"
debug "Setting ${key} to '${value}' in Drupal configuration (literal: ${is_literal})"
# Sanitize key (sed does not support fixed string substitutions)
local sanitized_pattern
sanitized_pattern="^(#\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=.*"
local entry
is_boolean_yes "$is_literal" && entry="${key} = $value;" || entry="${key} = '$value';"
# Check if the configuration exists in the file
if grep -q -E "$sanitized_pattern" "$DRUPAL_CONF_FILE"; then
# It exists, so replace the line
replace_in_file "$DRUPAL_CONF_FILE" "$sanitized_pattern" "$entry"
else
echo "$entry" >> "$DRUPAL_CONF_FILE"
fi
}
########################
# Wait until the database is accessible with the currently-known credentials
# Globals:
# *
# Arguments:
# $1 - database host
# $2 - database port
# $3 - database name
# $4 - database username
# $5 - database user password (optional)
# Returns:
# true if the database connection succeeded, false otherwise
#########################
drupal_wait_for_db_connection() {
local -r db_host="${1:?missing database host}"
local -r db_port="${2:?missing database port}"
local -r db_name="${3:?missing database name}"
local -r db_user="${4:?missing database user}"
local -r db_pass="${5:-}"
check_mysql_connection() {
echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass"
}
if ! retry_while "check_mysql_connection"; then
error "Could not connect to the database"
return 1
fi
}
########################
# Drupal Site Install
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_site_install() {
is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE" || drupal_set_database_ssl_settings
(
# Unfortunately there is no way to disable mail sending via sendmail when installing Drupal
# The "hack" consists of overriding the sendmail path to an executable that does nothing (i.e. "/bin/true")
# This is also what Drush is doing in their CI
PHP_OPTIONS="-d sendmail_path=$(which true)"
export PHP_OPTIONS
drush_execute "site:install" \
"--db-url=mysql://${DRUPAL_DATABASE_USER}:${DRUPAL_DATABASE_PASSWORD}@${DRUPAL_DATABASE_HOST}:${DRUPAL_DATABASE_PORT_NUMBER}/${DRUPAL_DATABASE_NAME}" \
"--account-name=${DRUPAL_USERNAME}" \
"--account-mail=${DRUPAL_EMAIL}" \
"--account-pass=${DRUPAL_PASSWORD}" \
"--site-name=${DRUPAL_SITE_NAME}" \
"--site-mail=${DRUPAL_EMAIL}" \
"-y" "$DRUPAL_PROFILE"
)
# When Drupal settings are patched to allow SSL database connections, the database settings block is duplicated
# after the installation with Drush
is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE" || drupal_remove_duplicated_database_settings
# Restrict permissions of the configuration file to keep the site secure
if am_i_root; then
configure_permissions_ownership "$DRUPAL_CONF_FILE" -u "root" -g "$WEB_SERVER_DAEMON_USER" -f "644"
fi
}
########################
# Create Drupal sync configuration directory (DRUPAL_SKIP_BOOTSTRAP only)
# Globals:
# DRUPAL_BASE_DIR
# Arguments:
# None
# Returns:
# None
#########################
drupal_create_config_directory() {
local config_sync_dir="${DRUPAL_CONFIG_SYNC_DIR:-}"
if is_empty_value "$config_sync_dir"; then
config_sync_dir="${DRUPAL_BASE_DIR}/sites/default/files/config_$(generate_random_string -t alphanumeric -c 16)"
fi
ensure_dir_exists "$config_sync_dir"
drupal_conf_set "\$settings['config_sync_directory']" "$config_sync_dir"
}
########################
# Create Drupal hash salt value (DRUPAL_SKIP_BOOTSTRAP only)
# Globals:
# DRUPAL_HASH_SALT
# Arguments:
# None
# Returns:
# None
#########################
drupal_set_hash_salt() {
local hash_salt="${DRUPAL_HASH_SALT:-}"
if is_empty_value "$hash_salt"; then
hash_salt="$(generate_random_string -t alphanumeric -c 32)"
fi
drupal_conf_set "\$settings['hash_salt']" "$hash_salt"
}
########################
# Execute Drush Tool
# Globals:
# *
# Arguments:
# $@ - Arguments to pass to the Drush tool
# Returns:
# None
#########################
drush_execute() {
if am_i_root; then
debug_execute gosu "$WEB_SERVER_DAEMON_USER" drush "--root=${DRUPAL_BASE_DIR}" "$@"
else
debug_execute drush "--root=${DRUPAL_BASE_DIR}" "$@"
fi
}
########################
# Execute Drush Tool to set a config option
# Globals:
# *
# Arguments:
# $1 - config group
# $2 - config key
# $3 - config value
# Returns:
# None
#########################
drush_config_set() {
local -r group="${1:?missing config group}"
local -r key="${2:?missing config key}"
local -r value="${3:-}"
local -r major_version="$(get_sematic_version "$(drupal_get_version)" 1)"
if [[ "$major_version" -gt 7 ]]; then
drush_execute "config-set" "--yes" "$group" "$key" "$value"
else
drush_execute "variable-set" "$key" "$value"
fi
}
########################
# Get Drupal version
# Globals:
# *
# Arguments:
# None
# Returns:
# Version string
#########################
drupal_get_version() {
BITNAMI_DEBUG=true drush_execute "status" "drupal-version" "--pipe" | grep -E -o '[0-9.]+'
}
########################
# Drupal enable modules
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_enable_modules() {
local -a modules
read -r -a modules <<< "${DRUPAL_ENABLE_MODULES/,/ }"
[[ "${#modules[@]}" -gt 0 ]] || return 0
drush_execute "pm:enable" "--yes" "${modules[@]}"
}
########################
# Drupal configure SMTP
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_configure_smtp() {
local -r major_version="$(get_sematic_version "$(drupal_get_version)" 1)"
drush_execute "pm:enable" "--yes" "smtp"
if [[ "$major_version" -gt 7 ]]; then
drush_config_set "system.mail" "interface.default" "SMTPMailSystem"
else
drush_execute "php:eval" 'variable_set("mail_system", array("default-system" => "SmtpMailSystem"))'
fi
drush_config_set "smtp.settings" "smtp_on" "1"
drush_config_set "smtp.settings" "smtp_host" "$DRUPAL_SMTP_HOST"
drush_config_set "smtp.settings" "smtp_port" "$DRUPAL_SMTP_PORT_NUMBER"
drush_config_set "smtp.settings" "smtp_protocol" "$DRUPAL_SMTP_PROTOCOL"
drush_config_set "smtp.settings" "smtp_username" "$DRUPAL_SMTP_USER"
drush_config_set "smtp.settings" "smtp_password" "$DRUPAL_SMTP_PASSWORD"
drush_config_set "smtp.settings" "smtp_from" "$DRUPAL_EMAIL"
drush_config_set "smtp.settings" "smtp_fromname" "$DRUPAL_SITE_NAME"
}
########################
# Drupal flush cache
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_flush_cache() {
local -r major_version="$(get_sematic_version "$(drupal_get_version)" 1)"
if [[ "$major_version" -gt 7 ]]; then
drush_execute "cache:rebuild"
else
# This is occasionally needed by modules that make system-wide changes to access levels.
drush_execute "php:eval" 'node_access_rebuild();'
drush_execute "cache:clear" "all"
fi
}
########################
# Drupal update database
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_update_database() {
debug 'Upgrading Drupal database with drush...'
drush_execute "updatedb"
}
########################
# Drupal set database SSL settings
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_set_database_ssl_settings() {
cat >>"$DRUPAL_CONF_FILE" <<EOF
\$databases['default']['default'] = array ( // Database block with SSL support
'database' => '${DRUPAL_DATABASE_NAME}',
'username' => '${DRUPAL_DATABASE_USER}',
'password' => '${DRUPAL_DATABASE_PASSWORD}',
'prefix' => '',
'host' => '${DRUPAL_DATABASE_HOST}',
'port' => '${DRUPAL_DATABASE_PORT_NUMBER}',
'namespace' => 'Drupal\\Core\\Database\\Driver\\mysql',
'driver' => 'mysql',
'pdo' => array (
PDO::MYSQL_ATTR_SSL_CA => '${DRUPAL_DATABASE_TLS_CA_FILE}',
PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => 0
)
);
EOF
}
########################
# Drupal set database non-SSL settings (DRUPAL_SKIP_BOOTSTRAP only)
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_set_database_settings() {
cat >>"$DRUPAL_CONF_FILE" <<EOF
\$databases['default']['default'] = array ( // Database block with SSL support
'database' => '${DRUPAL_DATABASE_NAME}',
'username' => '${DRUPAL_DATABASE_USER}',
'password' => '${DRUPAL_DATABASE_PASSWORD}',
'prefix' => '',
'host' => '${DRUPAL_DATABASE_HOST}',
'port' => '${DRUPAL_DATABASE_PORT_NUMBER}',
'namespace' => 'Drupal\\Core\\Database\\Driver\\mysql',
'driver' => 'mysql',
);
EOF
}
########################
# Drupal remove duplicated database block from settings file
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_remove_duplicated_database_settings() {
local -r first_line_block=$'\$databases\[\'default\'\]\[\'default\'\] = array \($'
local -r last_line_block='\);'
remove_in_file "$DRUPAL_CONF_FILE" "${first_line_block}/,/${last_line_block}"
}
########################
# Drupal fix htaccess warning protection.
# Drupal checks for the htaccess file to prevent malicious attacks
# Globals:
# *
# Arguments:
# None
# Returns:
# None
#########################
drupal_fix_htaccess_warning_protection() {
local -r files_dir="${DRUPAL_BASE_DIR}/sites/default/files/"
local -r htaccess_file="${files_dir}/.htaccess"
ensure_dir_exists "$files_dir"
cat <<EOF >"$htaccess_file"
# Recommended protections: https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2013-11-20/sa-core-2013-003-drupal-core
# Turn off all options we don\'t need.
Options -Indexes -ExecCGI -Includes -MultiViews
# Set the catch-all handler to prevent scripts from being executed.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
<Files *>
# Override the handler again if we\'re run later in the evaluation list.
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
</Files>
# If we know how to do it safely, disable the PHP engine entirely.
<IfModule mod_php7.c>
php_flag engine off
</IfModule>
EOF
}

1084
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/libmysqlclient.sh Normal file
View File

File diff suppressed because it is too large Load Diff

623
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/libnginx.sh Normal file
View File

@@ -0,0 +1,623 @@
#!/bin/bash
#
# Bitnami NGINX library
# shellcheck disable=SC1090,SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libservice.sh
. /opt/bitnami/scripts/libvalidations.sh
# Functions
########################
# Check if NGINX is running
# Globals:
# NGINX_TMP_DIR
# Arguments:
# None
# Returns:
# Boolean
#########################
is_nginx_running() {
local pid
pid="$(get_pid_from_file "$NGINX_PID_FILE")"
if [[ -n "$pid" ]]; then
is_service_running "$pid"
else
false
fi
}
########################
# Check if NGINX is not running
# Globals:
# NGINX_TMP_DIR
# Arguments:
# None
# Returns:
# Boolean
#########################
is_nginx_not_running() {
! is_nginx_running
}
########################
# Stop NGINX
# Globals:
# NGINX_TMP_DIR
# Arguments:
# None
# Returns:
# None
#########################
nginx_stop() {
! is_nginx_running && return
debug "Stopping NGINX"
stop_service_using_pid "$NGINX_PID_FILE"
}
########################
# Configure NGINX server block port
# Globals:
# NGINX_CONF_DIR
# Arguments:
# $1 - Port number
# $2 - (optional) Path to server block file
# Returns:
# None
#########################
nginx_configure_port() {
local port=${1:?missing port}
local file=${2:-"$NGINX_CONF_FILE"}
if is_file_writable "$file"; then
local nginx_configuration
debug "Setting port number to ${port} in '${file}'"
# TODO: find an appropriate NGINX parser to avoid 'sed calls'
nginx_configuration="$(sed -E "s/(listen\s+)[0-9]{1,5}(.*);/\1${port}\2;/g" "$file")"
echo "$nginx_configuration" >"$file"
fi
}
########################
# Configure NGINX directives
# Globals:
# NGINX_CONF_DIR
# Arguments:
# $1 - Directive to modify
# $2 - Value
# $3 - (optional) Path to server block file
# Returns:
# None
#########################
nginx_configure() {
local directive=${1:?missing directive}
local value=${2:?missing value}
local file=${3:-"$NGINX_CONF_FILE"}
if is_file_writable "$file"; then
local nginx_configuration
debug "Setting directive '${directive}' to '${value}' in '${file}'"
nginx_configuration="$(sed -E "s/(\s*${directive}\s+)(.+);/\1${value};/g" "$file")"
echo "$nginx_configuration" >"$file"
fi
}
########################
# Validate settings in NGINX_* env vars
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_validate() {
info "Validating settings in NGINX_* env vars"
local error_code=0
# Auxiliary functions
print_validation_error() {
error "$1"
error_code=1
}
check_yes_no_value() {
if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then
print_validation_error "The allowed values for ${1} are: yes no"
fi
}
! is_empty_value "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && check_yes_no_value "NGINX_ENABLE_ABSOLUTE_REDIRECT"
! is_empty_value "$NGINX_ENABLE_PORT_IN_REDIRECT" && check_yes_no_value "NGINX_ENABLE_PORT_IN_REDIRECT"
if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then
local -a validate_port_args=()
! am_i_root && validate_port_args+=("-unprivileged")
validate_port_args+=("${NGINX_HTTP_PORT_NUMBER}")
if ! err=$(validate_port "${validate_port_args[@]}"); then
print_validation_error "An invalid port was specified in the environment variable NGINX_HTTP_PORT_NUMBER: $err"
fi
fi
if ! is_file_writable "$NGINX_CONF_FILE"; then
warn "The NGINX configuration file '${NGINX_CONF_FILE}' is not writable by current user. Configurations based on environment variables will not be applied."
fi
return "$error_code"
}
########################
# Initialize NGINX
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_initialize() {
info "Initializing NGINX"
# This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run
# Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID
rm -f "${NGINX_TMP_DIR}/nginx.pid"
# Persisted configuration files from old versions
if [[ -f "$NGINX_VOLUME_DIR/conf/nginx.conf" ]]; then
error "A 'nginx.conf' file was found inside '${NGINX_VOLUME_DIR}/conf'. This configuration is not supported anymore. Please mount the configuration file at '${NGINX_CONF_FILE}' instead."
exit 1
fi
if ! is_dir_empty "$NGINX_VOLUME_DIR/conf/vhosts"; then
error "Custom server blocks files were found inside '$NGINX_VOLUME_DIR/conf/vhosts'. This configuration is not supported anymore. Please mount your custom server blocks config files at '${NGINX_SERVER_BLOCKS_DIR}' instead."
exit 1
fi
debug "Updating NGINX configuration based on environment variables"
local nginx_user_configuration
if am_i_root; then
debug "Ensuring NGINX daemon user/group exists"
ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP"
if [[ -n "${NGINX_DAEMON_USER:-}" ]]; then
chown -R "${NGINX_DAEMON_USER:-}" "$NGINX_TMP_DIR"
fi
nginx_configure "user" "${NGINX_DAEMON_USER:-} ${NGINX_DAEMON_GROUP:-}"
else
# The "user" directive makes sense only if the master process runs with super-user privileges
# TODO: find an appropriate NGINX parser to avoid 'sed calls'
nginx_user_configuration="$(sed -E "s/(^user)/# \1/g" "$NGINX_CONF_FILE")"
is_file_writable "$NGINX_CONF_FILE" && echo "$nginx_user_configuration" >"$NGINX_CONF_FILE"
fi
if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then
nginx_configure_port "$NGINX_HTTP_PORT_NUMBER"
fi
nginx_configure "absolute_redirect" "$(is_boolean_yes "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && echo "on" || echo "off" )"
nginx_configure "port_in_redirect" "$(is_boolean_yes "$NGINX_ENABLE_PORT_IN_REDIRECT" && echo "on" || echo "off" )"
}
########################
# Ensure an NGINX application configuration exists (in server block format)
# Globals:
# NGINX_*
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty)
# --hosts - Host listen addresses
# --server-name - Server name (if not specified, a catch-all server block will be created)
# --server-aliases - Server aliases
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --disable - Whether to render the app's server blocks with a .disabled prefix
# --disable-http - Whether to render the app's HTTP server block with a .disabled prefix
# --disable-https - Whether to render the app's HTTPS server block with a .disabled prefix
# --http-port - HTTP port number
# --https-port - HTTPS port number
# --additional-configuration - Additional server block configuration (no default)
# --external-configuration - Configuration external to server block (no default)
# --document-root - Path to document root directory
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_nginx_app_configuration_exists() {
export app="${1:?missing app}"
# Default options
local type=""
local -a hosts=()
local server_name
local -a server_aliases=()
local allow_remote_connections="yes"
local disable="no"
local disable_http="no"
local disable_https="no"
# Template variables defaults
export additional_configuration=""
export external_configuration=""
export document_root="${BITNAMI_ROOT_DIR}/${app}"
export http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}"
export https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}"
# Validate arguments
local var_name
shift
while [[ "$#" -gt 0 ]]; do
case "$1" in
--hosts | \
--server-aliases)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
read -r -a "$var_name" <<<"$1"
;;
--disable | \
--disable-http | \
--disable-https)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
export "${var_name}=yes"
;;
--type | \
--server-name | \
--allow-remote-connections | \
--http-port | \
--https-port | \
--additional-configuration | \
--external-configuration | \
--document-root | \
--extra-directory-configuration)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
export "${var_name}"="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Construct host string in the format of "listen host1:port1", "listen host2:port2", ...
export http_listen_configuration=""
export https_listen_configuration=""
if [[ "${#hosts[@]}" -gt 0 ]]; then
for host in "${hosts[@]}"; do
http_listen=$'\n'"listen ${host}:${http_port};"
https_listen=$'\n'"listen ${host}:${https_port} ssl;"
[[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}${http_listen}"
[[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}${https_listen}"
done
else
http_listen_configuration=$'\n'"listen ${http_port} default_server;"
https_listen_configuration=$'\n'"listen ${https_port} ssl default_server;"
fi
# Construct server_name block
export server_name_configuration=""
if ! is_empty_value "${server_name:-}"; then
server_name_configuration="server_name ${server_name}"
if [[ "${#server_aliases[@]}" -gt 0 ]]; then
server_name_configuration+=" ${server_aliases[*]}"
fi
server_name_configuration+=";"
else
server_name_configuration="
# Catch-all server block
# See: https://nginx.org/en/docs/http/server_names.html#miscellaneous_names
server_name _;"
fi
# ACL configuration
export acl_configuration=""
if ! is_boolean_yes "$allow_remote_connections"; then
acl_configuration="
default_type text/html;
if (\$remote_addr != 127.0.0.1) {
return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.';
}
# Avoid absolute redirects when connecting through a SSH tunnel
absolute_redirect off;"
fi
# Indent configurations
server_name_configuration="$(indent $'\n'"$server_name_configuration" 4)"
acl_configuration="$(indent "$acl_configuration" 4)"
additional_configuration=$'\n'"$(indent "$additional_configuration" 4)"
external_configuration=$'\n'"$external_configuration"
http_listen_configuration="$(indent "$http_listen_configuration" 4)"
https_listen_configuration="$(indent "$https_listen_configuration" 4)"
# Render templates
# We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better
local template_name="app"
[[ -n "$type" && "$type" != "php" ]] && template_name="app-${type}"
local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates"
local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf"
local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf"
local -r disable_suffix=".disabled"
(is_boolean_yes "$disable" || is_boolean_yes "$disable_http") && http_server_block+="$disable_suffix"
(is_boolean_yes "$disable" || is_boolean_yes "$disable_https") && https_server_block+="$disable_suffix"
if is_file_writable "$http_server_block"; then
# Create file with root group write privileges, so it can be modified in non-root containers
[[ ! -f "$http_server_block" ]] && touch "$http_server_block" && chmod g+rw "$http_server_block"
render-template "${template_dir}/${template_name}-http-server-block.conf.tpl" | sed '/^\s*$/d' >"$http_server_block"
elif [[ ! -f "$http_server_block" ]]; then
error "Could not create server block for ${app} at '${http_server_block}'. Check permissions and ownership for parent directories."
return 1
else
warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
if is_file_writable "$https_server_block"; then
# Create file with root group write privileges, so it can be modified in non-root containers
[[ ! -f "$https_server_block" ]] && touch "$https_server_block" && chmod g+rw "$https_server_block"
render-template "${template_dir}/${template_name}-https-server-block.conf.tpl" | sed '/^\s*$/d' >"$https_server_block"
elif [[ ! -f "$https_server_block" ]]; then
error "Could not create server block for ${app} at '${https_server_block}'. Check permissions and ownership for parent directories."
return 1
else
warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
}
########################
# Ensure an NGINX application configuration does not exist anymore (in server block format)
# Globals:
# *
# Arguments:
# $1 - App name
# Returns:
# true if the configuration was disabled, false otherwise
########################
ensure_nginx_app_configuration_not_exists() {
local app="${1:?missing app}"
local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf"
local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf"
local -r disable_suffix=".disabled"
# Note that 'rm -f' will not fail if the files don't exist
# However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function
rm -f "$http_server_block" "$https_server_block" "${http_server_block}${disable_suffix}" "${https_server_block}${disable_suffix}"
}
########################
# Ensure NGINX loads the configuration for an application in a URL prefix
# Globals:
# NGINX_*
# Arguments:
# $1 - App name
# Flags:
# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty)
# --allow-remote-connections - Whether to allow remote connections or to require local connections
# --prefix - URL prefix from where it will be accessible (i.e. /myapp)
# --additional-configuration - Additional server block configuration (no default)
# --document-root - Path to document root directory
# --extra-directory-configuration - Extra configuration for the document root directory
# Returns:
# true if the configuration was enabled, false otherwise
########################
ensure_nginx_prefix_configuration_exists() {
local app="${1:?missing app}"
# Default options
local type=""
local allow_remote_connections="yes"
local prefix="/${app}"
# Template variables defaults
export additional_configuration=""
export document_root="${BITNAMI_ROOT_DIR}/${app}"
export extra_directory_configuration=""
# Validate arguments
local var_name
shift
while [[ "$#" -gt 0 ]]; do
case "$1" in
--type | \
--allow-remote-connections | \
--additional-configuration | \
--document-root | \
--extra-directory-configuration | \
--prefix)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "${var_name}"="$1"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# ACL configuration
export acl_configuration=""
if ! is_boolean_yes "$allow_remote_connections"; then
acl_configuration="
default_type text/html;
if (\$remote_addr != 127.0.0.1) {
return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.';
}
# Avoid absolute redirects when connecting through a SSH tunnel
absolute_redirect off;"
fi
# Prefix configuration
export location="$prefix"
# Indent configurations
acl_configuration="$(indent "$acl_configuration" 4)"
additional_configuration=$'\n'"$(indent "$additional_configuration" 4)"
# Render templates
# We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better
local template_name="app"
[[ -n "$type" ]] && template_name="app-${type}"
local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates"
local prefix_file="${NGINX_CONF_DIR}/bitnami/${app}.conf"
if is_file_writable "$prefix_file"; then
# Create file with root group write privileges, so it can be modified in non-root containers
[[ ! -f "$prefix_file" ]] && touch "$prefix_file" && chmod g+rw "$prefix_file"
render-template "${template_dir}/${template_name}-prefix.conf.tpl" | sed '/^\s*$/d' >"$prefix_file"
elif [[ ! -f "$prefix_file" ]]; then
error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories."
return 1
else
warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
}
########################
# Ensure NGINX application configuration is updated with the runtime configuration (i.e. ports)
# Globals:
# *
# Arguments:
# $1 - App name
# Flags:
# --hosts - Hosts to enable
# --enable-http - Enable HTTP app configuration (if not enabled already)
# --enable-https - Enable HTTPS app configuration (if not enabled already)
# --disable-http - Disable HTTP app configuration (if not disabled already)
# --disable-https - Disable HTTPS app configuration (if not disabled already)
# --http-port - HTTP port number
# --https-port - HTTPS port number
# Returns:
# true if the configuration was updated, false otherwise
########################
nginx_update_app_configuration() {
local -r app="${1:?missing app}"
# Default options
local -a hosts=()
local enable_http="no"
local enable_https="no"
local disable_http="no"
local disable_https="no"
local http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}"
local https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}"
# Validate arguments
local var_name
shift
while [[ "$#" -gt 0 ]]; do
case "$1" in
--hosts \
| --server-aliases \
)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
read -r -a "$var_name" <<<"$1"
;;
# Common flags
--enable-http \
| --enable-https \
| --disable-http \
| --disable-https \
)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
declare "${var_name}=yes"
;;
--server-name \
| --http-port \
| --https-port \
)
var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")"
shift
declare "${var_name}=${1}"
;;
*)
echo "Invalid command line flag $1" >&2
return 1
;;
esac
shift
done
# Construct host string in the format of "listen host1:port1", "listen host2:port2", ...
export http_listen_configuration=""
export https_listen_configuration=""
if [[ "${#hosts[@]}" -gt 0 ]]; then
for host in "${hosts[@]}"; do
http_listen="listen ${host}:${http_port};"
https_listen="listen ${host}:${https_port} ssl;"
[[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}"$'\\\n'"${http_listen}"
[[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}"$'\\\n'"${https_listen}"
done
else
http_listen_configuration="listen ${http_port} default_server;"
https_listen_configuration="listen ${https_port} ssl default_server;"
fi
# Indent configurations
http_listen_configuration="$(indent "$http_listen_configuration" 4)"
https_listen_configuration="$(indent "$https_listen_configuration" 4)"
# Update configuration
local -r http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf"
local -r https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf"
# Helper function to avoid duplicating code
update_common_server_block_config() {
local -r server_block_file="${1:?missing server block}"
# Update server_name
if ! is_empty_value "${server_name:-}"; then
local server_name_list="$server_name"
if [[ "${#server_aliases[@]}" -gt 0 ]]; then
server_name_list+=" ${server_aliases[*]}"
fi
replace_in_file "$server_block_file" "^(\s*server_name\s+)[^;]*" "\1${server_name_list}"
fi
}
# Disable and enable configuration files
rename_conf_file() {
local -r origin="$1"
local -r destination="$2"
if is_file_writable "$origin" && is_file_writable "$destination"; then
warn "Could not rename server block file '${origin}' to '${destination}' due to lack of permissions."
else
mv "$origin" "$destination"
fi
}
is_boolean_yes "$disable_http" && [[ -e "$http_server_block" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block"
is_boolean_yes "$disable_https" && [[ -e "$https_server_block" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block"
is_boolean_yes "$enable_http" && [[ -e "${http_server_block}${disable_suffix}" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block"
is_boolean_yes "$enable_https" && [[ -e "${https_server_block}${disable_suffix}" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block"
# Update only configuration files without the '.disabled' suffix
if [[ -e "$http_server_block" ]]; then
if is_file_writable "$http_server_block"; then
update_common_server_block_config "$http_server_block"
# Update specific server block config (listen addresses)
replace_in_file "$http_server_block" "^\s*listen\s.*;" "$http_listen_configuration"
else
warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
fi
if [[ -e "$https_server_block" ]]; then
if is_file_writable "$https_server_block"; then
update_common_server_block_config "$https_server_block"
# Update specific server block config (listen addresses)
replace_in_file "$https_server_block" "^\s*listen\s.*\sssl;" "$https_listen_configuration"
else
warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file."
fi
fi
}
########################
# Run custom initialization scripts
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_custom_init_scripts() {
if [[ -n $(find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then
info "Loading user's custom files from $NGINX_INITSCRIPTS_DIR ..."
local -r tmp_file="/tmp/filelist"
find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file"
while read -r f; do
case "$f" in
*.sh)
if [[ -x "$f" ]]; then
debug "Executing $f"
"$f"
else
debug "Sourcing $f"
. "$f"
fi
;;
*)
debug "Ignoring $f"
;;
esac
done <$tmp_file
nginx_stop
rm -f "$tmp_file"
else
info "No custom scripts in $NGINX_INITSCRIPTS_DIR"
fi
}

257
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/libphp.sh Normal file
View File

@@ -0,0 +1,257 @@
#!/bin/bash
#
# Bitnami PHP library
# shellcheck disable=SC1091
# Load Generic Libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libfile.sh
. /opt/bitnami/scripts/libservice.sh
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libwebserver.sh
########################
# Add or modify an entry in the main PHP configuration file (php.ini)
# Globals:
# PHP_CONF_FILE
# Arguments:
# $1 - Key
# $2 - Value
# $3 - File to modify (default: $PHP_CONF_FILE)
# Returns:
# None
#########################
php_conf_set() {
local -r key="${1:?key missing}"
local -r value="${2:?value missing}"
local -r file="${3:-"$PHP_CONF_FILE"}"
local pattern="^[; ]*${key}\s*=.*$"
if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then
# The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations
# Because of that, we first check if the extension was defined in the file to replace the proper entry
pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$"
fi
local -r entry="${key} = ${value}"
if is_file_writable "$file"; then
# Not using the ini-file tool since it does not play well with php.ini
if grep -q -E "$pattern" "$file"; then
replace_in_file "$file" "$pattern" "$entry"
else
cat >> "$file" <<< "$entry"
fi
else
warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured."
fi
}
########################
# Ensure PHP is initialized
# Globals:
# PHP_*
# Arguments:
# None
# Returns:
# None
#########################
php_initialize() {
# Configure PHP options based on the runtime environment
info "Configuring PHP options"
php_set_runtime_config "$PHP_CONF_FILE"
# PHP-FPM configuration
! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf"
# Avoid exit code of previous commands to affect the result of this function
true
}
########################
# Set PHP runtime options, based on user-provided environment variables
# Globals:
# PHP_*
# Arguments:
# None
# Returns:
# None
#########################
php_set_runtime_config() {
local -r conf_file="${1:?missing conf file}"
! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file"
! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file"
! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file"
! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file"
! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file"
! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file"
! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file"
! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file"
! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file"
true
}
########################
# Convert a yes/no value to a PHP boolean
# Globals:
# None
# Arguments:
# $1 - yes/no value
# Returns:
# None
#########################
php_convert_to_boolean() {
local -r value="${1:?missing value}"
is_boolean_yes "$value" && echo "true" || echo "false"
}
########################
# Execute/run PHP code and print to stdout
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute_print_output() {
local php_cmd
# Obtain the command specified via stdin
php_cmd="$(</dev/stdin)"
debug "Executing PHP code:\n${php_cmd}"
php -- "$@" <<< "<?php ${php_cmd}"
}
########################
# Execute/run PHP code
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute() {
debug_execute php_execute_print_output "$@"
}
########################
# Execute/run PHP code and print to stdout
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute_print_output() {
local php_cmd
# Obtain the command specified via stdin
php_cmd="$(</dev/stdin)"
debug "Executing PHP code:\n${php_cmd}"
php -- "$@" <<< "<?php ${php_cmd}"
}
########################
# Execute/run PHP code
# Globals:
# None
# Stdin:
# Code to execute
# Arguments:
# $1..$n - Input arguments to script
# Returns:
# None
#########################
php_execute() {
debug_execute php_execute_print_output "$@"
}
########################
# Stop PHP-FPM
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# $1 - Signal (default: SIGTERM)
# Returns:
# None
#########################
php_fpm_stop() {
local -r signal="${1:-}"
is_php_fpm_not_running && return
stop_service_using_pid "$PHP_FPM_PID_FILE" "$signal"
}
########################
# Reload PHP-FPM configuration
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# None
# Returns:
# None
#########################
php_fpm_reload() {
php_fpm_stop "USR2"
}
########################
# Check if PHP-FPM is enabled for the current Bitnami installation
# Globals:
# None
# Arguments:
# None
# Returns:
# true if PHP-FPM is enabled, false otherwise
########################
is_php_fpm_enabled() {
if [[ "$(web_server_type)" = "apache" ]]; then
# If mod_php is enabled, then PHP-FPM is cannot be
if apachectl -M | grep -q -E "php[0-9]?_module"; then
false
else
true
fi
else
# Assume PHP-FPM is enabled with any other configuration (i.e. NGINX)
true
fi
}
########################
# Check if PHP-FPM is running
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# None
# Returns:
# true if PHP-FPM is running, false otherwise
########################
is_php_fpm_running() {
local pid
pid="$(get_pid_from_file "$PHP_FPM_PID_FILE")"
if [[ -n "$pid" ]]; then
is_service_running "$pid"
else
false
fi
}
########################
# Check if PHP-FPM is running
# Globals:
# PHP_FPM_PID_FILE
# Arguments:
# None
# Returns:
# true PHP-FPM is not running, false otherwise
########################
is_php_fpm_not_running() {
! is_php_fpm_running
}

125
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/mysql-client-env.sh Normal file
View File

@@ -0,0 +1,125 @@
#!/bin/bash
#
# Environment configuration for mysql
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-mysql}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
mysql_env_vars=(
MYSQL_CLIENT_FLAVOR
ALLOW_EMPTY_PASSWORD
MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN
MYSQL_CLIENT_DATABASE_HOST
MYSQL_CLIENT_DATABASE_PORT_NUMBER
MYSQL_CLIENT_DATABASE_ROOT_USER
MYSQL_CLIENT_DATABASE_ROOT_PASSWORD
MYSQL_CLIENT_CREATE_DATABASE_NAME
MYSQL_CLIENT_CREATE_DATABASE_USER
MYSQL_CLIENT_CREATE_DATABASE_PASSWORD
MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET
MYSQL_CLIENT_CREATE_DATABASE_COLLATE
MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES
MYSQL_CLIENT_ENABLE_SSL_WRAPPER
MYSQL_CLIENT_ENABLE_SSL
MYSQL_CLIENT_SSL_CA_FILE
MYSQL_CLIENT_SSL_CERT_FILE
MYSQL_CLIENT_SSL_KEY_FILE
MYSQL_CLIENT_EXTRA_FLAGS
MARIADB_AUTHENTICATION_PLUGIN
MARIADB_HOST
MARIADB_PORT_NUMBER
MARIADB_ROOT_USER
MARIADB_ROOT_PASSWORD
)
for env_var in "${mysql_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset mysql_env_vars
export MYSQL_CLIENT_FLAVOR="${MYSQL_CLIENT_FLAVOR:-mariadb}"
export DB_FLAVOR="$MYSQL_CLIENT_FLAVOR"
# Paths
export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mysql"
export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mysql"
export DB_DATA_DIR="${DB_VOLUME_DIR}/data"
export DB_BIN_DIR="${DB_BASE_DIR}/bin"
export DB_SBIN_DIR="${DB_BASE_DIR}/bin"
export DB_CONF_DIR="${DB_BASE_DIR}/conf"
export DB_LOGS_DIR="${DB_BASE_DIR}/logs"
export DB_TMP_DIR="${DB_BASE_DIR}/tmp"
export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf"
export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid"
export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock"
export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}"
# System users (when running with a privileged user)
export DB_DAEMON_USER="mysql"
export DB_DAEMON_GROUP="mysql"
# MySQL client configuration
export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}"
MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-"${MARIADB_AUTHENTICATION_PLUGIN:-}"}"
export MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-}"
export DB_AUTHENTICATION_PLUGIN="$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN"
MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-"${MARIADB_HOST:-}"}"
export MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-mariadb}"
export DB_HOST="$MYSQL_CLIENT_DATABASE_HOST"
MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}"
export MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-3306}"
export DB_PORT_NUMBER="$MYSQL_CLIENT_DATABASE_PORT_NUMBER"
MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-"${MARIADB_ROOT_USER:-}"}"
export MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-root}"
export DB_ROOT_USER="$MYSQL_CLIENT_DATABASE_ROOT_USER" # only used during the first initialization
MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-"${MARIADB_ROOT_PASSWORD:-}"}"
export MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}"
export DB_ROOT_PASSWORD="$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" # only used during the first initialization
export MYSQL_CLIENT_CREATE_DATABASE_NAME="${MYSQL_CLIENT_CREATE_DATABASE_NAME:-}"
export DB_CREATE_DATABASE_NAME="$MYSQL_CLIENT_CREATE_DATABASE_NAME" # only used during the first initialization
export MYSQL_CLIENT_CREATE_DATABASE_USER="${MYSQL_CLIENT_CREATE_DATABASE_USER:-}"
export DB_CREATE_DATABASE_USER="$MYSQL_CLIENT_CREATE_DATABASE_USER"
export MYSQL_CLIENT_CREATE_DATABASE_PASSWORD="${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}"
export DB_CREATE_DATABASE_PASSWORD="$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD"
export MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET="${MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET:-}"
export DB_CREATE_DATABASE_CHARACTER_SET="$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET"
export MYSQL_CLIENT_CREATE_DATABASE_COLLATE="${MYSQL_CLIENT_CREATE_DATABASE_COLLATE:-}"
export DB_CREATE_DATABASE_COLLATE="$MYSQL_CLIENT_CREATE_DATABASE_COLLATE"
export MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES="${MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES:-}"
export DB_CREATE_DATABASE_PRIVILEGES="$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES"
export MYSQL_CLIENT_ENABLE_SSL_WRAPPER="${MYSQL_CLIENT_ENABLE_SSL_WRAPPER:-no}"
export DB_ENABLE_SSL_WRAPPER="$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"
export MYSQL_CLIENT_ENABLE_SSL="${MYSQL_CLIENT_ENABLE_SSL:-no}"
export DB_ENABLE_SSL="$MYSQL_CLIENT_ENABLE_SSL"
export MYSQL_CLIENT_SSL_CA_FILE="${MYSQL_CLIENT_SSL_CA_FILE:-}"
export DB_SSL_CA_FILE="$MYSQL_CLIENT_SSL_CA_FILE"
export MYSQL_CLIENT_SSL_CERT_FILE="${MYSQL_CLIENT_SSL_CERT_FILE:-}"
export DB_SSL_CERT_FILE="$MYSQL_CLIENT_SSL_CERT_FILE"
export MYSQL_CLIENT_SSL_KEY_FILE="${MYSQL_CLIENT_SSL_KEY_FILE:-}"
export DB_SSL_KEY_FILE="$MYSQL_CLIENT_SSL_KEY_FILE"
export MYSQL_CLIENT_EXTRA_FLAGS="${MYSQL_CLIENT_EXTRA_FLAGS:-no}"
export DB_EXTRA_FLAGS="$MYSQL_CLIENT_EXTRA_FLAGS"
# Custom environment variables may be defined below

19
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libfs.sh
# Load MySQL Client environment variables
. /opt/bitnami/scripts/mysql-client-env.sh
for dir in "$DB_BIN_DIR" "${DB_BASE_DIR}/.bin"; do
ensure_dir_exists "$dir"
chmod g+rwX "$dir"
done

19
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/mysql-client/setup.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libmysqlclient.sh
# Load MySQL Client environment variables
. /opt/bitnami/scripts/mysql-client-env.sh
# Ensure MySQL Client environment variables settings are valid
mysql_client_validate
# Ensure MySQL Client is initialized
mysql_client_initialize

76
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx-env.sh Normal file
View File

@@ -0,0 +1,76 @@
#!/bin/bash
#
# Environment configuration for nginx
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-nginx}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
nginx_env_vars=(
NGINX_HTTP_PORT_NUMBER
NGINX_HTTPS_PORT_NUMBER
NGINX_ENABLE_ABSOLUTE_REDIRECT
NGINX_ENABLE_PORT_IN_REDIRECT
)
for env_var in "${nginx_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset nginx_env_vars
export WEB_SERVER_TYPE="nginx"
# Paths
export NGINX_BASE_DIR="${BITNAMI_ROOT_DIR}/nginx"
export NGINX_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/nginx"
export NGINX_SBIN_DIR="${NGINX_BASE_DIR}/sbin"
export NGINX_CONF_DIR="${NGINX_BASE_DIR}/conf"
export NGINX_HTDOCS_DIR="${NGINX_BASE_DIR}/html"
export NGINX_TMP_DIR="${NGINX_BASE_DIR}/tmp"
export NGINX_LOGS_DIR="${NGINX_BASE_DIR}/logs"
export NGINX_SERVER_BLOCKS_DIR="${NGINX_CONF_DIR}/server_blocks"
export NGINX_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d"
export NGINX_CONF_FILE="${NGINX_CONF_DIR}/nginx.conf"
export NGINX_PID_FILE="${NGINX_TMP_DIR}/nginx.pid"
export PATH="${NGINX_SBIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}"
# System users (when running with a privileged user)
export NGINX_DAEMON_USER="daemon"
export WEB_SERVER_DAEMON_USER="$NGINX_DAEMON_USER"
export NGINX_DAEMON_GROUP="daemon"
export WEB_SERVER_DAEMON_GROUP="$NGINX_DAEMON_GROUP"
export NGINX_DEFAULT_HTTP_PORT_NUMBER="8080"
export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$NGINX_DEFAULT_HTTP_PORT_NUMBER" # only used at build time
export NGINX_DEFAULT_HTTPS_PORT_NUMBER="8443"
export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$NGINX_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time
# NGINX configuration
export NGINX_HTTP_PORT_NUMBER="${NGINX_HTTP_PORT_NUMBER:-}"
export WEB_SERVER_HTTP_PORT_NUMBER="$NGINX_HTTP_PORT_NUMBER"
export NGINX_HTTPS_PORT_NUMBER="${NGINX_HTTPS_PORT_NUMBER:-}"
export WEB_SERVER_HTTPS_PORT_NUMBER="$NGINX_HTTPS_PORT_NUMBER"
export NGINX_ENABLE_ABSOLUTE_REDIRECT="${NGINX_ENABLE_ABSOLUTE_REDIRECT:-no}"
export NGINX_ENABLE_PORT_IN_REDIRECT="${NGINX_ENABLE_PORT_IN_REDIRECT:-no}"
# Custom environment variables may be defined below

32
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx-php-fpm/postunpack.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libvalidations.sh
# Load NGINX environment
. /opt/bitnami/scripts/nginx-env.sh
. /opt/bitnami/scripts/php-env.sh
# Write NGINX configuration
nginx_php_fpm_conf_file="${NGINX_CONF_DIR}/bitnami/php-fpm.conf"
fastcgi_pass="$PHP_FPM_DEFAULT_LISTEN_ADDRESS"
# Check if PHP_FPM_DEFAULT_LISTEN_ADDRESS refers to a socket file, and add the required prefix for NGINX to understand it
[[ "$fastcgi_pass" == "/"* ]] && fastcgi_pass="unix:$fastcgi_pass"
cat >"$nginx_php_fpm_conf_file" <<EOF
index index.html index.htm index.php;
location ~ \.php$ {
fastcgi_read_timeout 300;
fastcgi_pass ${fastcgi_pass};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \$request_filename;
include fastcgi_params;
}
EOF

27
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx-php-fpm/run.sh Executable file
View File

@@ -0,0 +1,27 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libnginx.sh
# Catch SIGTERM signal and stop all child processes
_forwardTerm() {
echo "Caught signal SIGTERM, passing it to child processes..."
pgrep -P $$ | xargs kill -TERM 2>/dev/null
wait
exit $?
}
trap _forwardTerm TERM
info "Starting PHP-FPM..."
/opt/bitnami/scripts/php/run.sh &
info "Starting NGINX..."
/opt/bitnami/scripts/nginx/run.sh

16
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl Normal file
View File

@@ -0,0 +1,16 @@
{{external_configuration}}
server {
# Port to listen on, can also be set in IP:PORT format
{{http_listen_configuration}}
root {{document_root}};
{{server_name_configuration}}
{{acl_configuration}}
{{additional_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
}

19
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl Normal file
View File

@@ -0,0 +1,19 @@
{{external_configuration}}
server {
# Port to listen on, can also be set in IP:PORT format
{{https_listen_configuration}}
root {{document_root}};
{{server_name_configuration}}
ssl_certificate bitnami/certs/server.crt;
ssl_certificate_key bitnami/certs/server.key;
{{acl_configuration}}
{{additional_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
}

10
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl Normal file
View File

@@ -0,0 +1,10 @@
location ^~ {{location}} {
alias "{{document_root}}";
{{acl_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf";
include "/opt/bitnami/nginx/conf/bitnami/php-fpm.conf";
}
{{additional_configuration}}

9
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl Normal file
View File

@@ -0,0 +1,9 @@
location ^~ {{location}} {
alias "{{document_root}}";
{{acl_configuration}}
include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf";
}
{{additional_configuration}}

26
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh Executable file
View File

@@ -0,0 +1,26 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libbitnami.sh
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
print_welcome_page
if [[ "$1" = "/opt/bitnami/scripts/nginx/run.sh" ]]; then
info "** Starting NGINX setup **"
/opt/bitnami/scripts/nginx/setup.sh
info "** NGINX setup finished! **"
fi
echo ""
exec "$@"

64
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/postunpack.sh Executable file
View File

@@ -0,0 +1,64 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libfs.sh
# Auxiliar Functions
########################
# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability
# Ref: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-httpoxy-vulnerability
# Globals:
# NGINX_*
# Arguments:
# None
# Returns:
# None
#########################
nginx_patch_httpoxy_vulnerability() {
debug "Unsetting HTTP_PROXY header..."
echo '# Unset the HTTP_PROXY header' >>"${NGINX_CONF_DIR}/fastcgi_params"
echo 'fastcgi_param HTTP_PROXY "";' >>"${NGINX_CONF_DIR}/fastcgi_params"
}
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
# Remove unnecessary directories that come with the tarball
rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks"
# Ensure non-root user has write permissions on a set of directories
for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability
nginx_patch_httpoxy_vulnerability
# Configure default HTTP port
nginx_configure_port "$NGINX_DEFAULT_HTTP_PORT_NUMBER"
# shellcheck disable=SC1091
# Load additional libraries
. /opt/bitnami/scripts/libfs.sh
# Users can mount their html sites at /app
mv "${NGINX_BASE_DIR}/html" /app
ln -sf /app "${NGINX_BASE_DIR}/html"
# Users can mount their certificates at /certs
mv "${NGINX_CONF_DIR}/bitnami/certs" /certs
ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs"
ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log"
ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log"

18
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/reload.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment
. /opt/bitnami/scripts/nginx-env.sh
info "** Reloading NGINX configuration **"
exec "${NGINX_SBIN_DIR}/nginx" -s reload

17
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/restart.sh Executable file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
/opt/bitnami/scripts/nginx/stop.sh
/opt/bitnami/scripts/nginx/start.sh

18
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/run.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
info "** Starting NGINX **"
exec "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" -g "daemon off;"

46
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/setup.sh Executable file
View File

@@ -0,0 +1,46 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libnginx.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
# Ensure NGINX environment variables settings are valid
nginx_validate
# Ensure NGINX is stopped when this script ends
trap "nginx_stop" EXIT
# Ensure NGINX daemon user exists when running as 'root'
am_i_root && ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP"
# Run init scripts
nginx_custom_init_scripts
# Validate HTTPS port number
if [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]]; then
validate_port_args=()
! am_i_root && validate_port_args+=("-unprivileged")
validate_port_args+=("$NGINX_HTTPS_PORT_NUMBER")
if ! err=$(validate_port "${validate_port_args[@]}"); then
error "An invalid port was specified in the environment variable NGINX_HTTPS_PORT_NUMBER: $err"
exit 1
fi
fi
# Fix logging issue when running as root
! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"
# Initialize NGINX
nginx_initialize

32
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/start.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
error_code=0
if is_nginx_not_running; then
"${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE"
if ! retry_while "is_nginx_running"; then
error "nginx did not start"
error_code=1
else
info "nginx started"
fi
else
info "nginx is already running"
fi
exit "$error_code"

21
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/status.sh Executable file
View File

@@ -0,0 +1,21 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
if is_nginx_running; then
info "nginx is already running"
else
info "nginx is not running"
fi

32
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/nginx/stop.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libnginx.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load NGINX environment variables
. /opt/bitnami/scripts/nginx-env.sh
error_code=0
if is_nginx_running; then
BITNAMI_QUIET=1 nginx_stop
if ! retry_while "is_nginx_not_running"; then
error "nginx could not be stopped"
error_code=1
else
info "nginx stopped"
fi
else
info "nginx is not running"
fi
exit "$error_code"

87
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php-env.sh Normal file
View File

@@ -0,0 +1,87 @@
#!/bin/bash
#
# Environment configuration for php
# The values for all environment variables will be set in the below order of precedence
# 1. Custom environment variables defined below after Bitnami defaults
# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR
# 3. Environment variables overridden via external files using *_FILE variables (see below)
# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata)
# Load logging library
# shellcheck disable=SC1090,SC1091
. /opt/bitnami/scripts/liblog.sh
export BITNAMI_ROOT_DIR="/opt/bitnami"
export BITNAMI_VOLUME_DIR="/bitnami"
# Logging configuration
export MODULE="${MODULE:-php}"
export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}"
# By setting an environment variable matching *_FILE to a file path, the prefixed environment
# variable will be overridden with the value specified in that file
php_env_vars=(
PHP_FPM_LISTEN_ADDRESS
PHP_DATE_TIMEZONE
PHP_ENABLE_OPCACHE
PHP_MAX_EXECUTION_TIME
PHP_MAX_INPUT_TIME
PHP_MAX_INPUT_VARS
PHP_MEMORY_LIMIT
PHP_POST_MAX_SIZE
PHP_UPLOAD_MAX_FILESIZE
PHP_OPCACHE_ENABLED
)
for env_var in "${php_env_vars[@]}"; do
file_env_var="${env_var}_FILE"
if [[ -n "${!file_env_var:-}" ]]; then
if [[ -r "${!file_env_var:-}" ]]; then
export "${env_var}=$(< "${!file_env_var}")"
unset "${file_env_var}"
else
warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable."
fi
fi
done
unset php_env_vars
# Paths
export PHP_BASE_DIR="${BITNAMI_ROOT_DIR}/php"
export PHP_BIN_DIR="${PHP_BASE_DIR}/bin"
export PHP_CONF_DIR="${PHP_BASE_DIR}/etc"
export PHP_TMP_DIR="${PHP_BASE_DIR}/var/run"
export PHP_CONF_FILE="${PHP_CONF_DIR}/php.ini"
# PHP default build-time configuration
export PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER="16" # only used at build time
export PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION="192" # only used at build time
export PHP_DEFAULT_OPCACHE_FILE_CACHE="${PHP_TMP_DIR}/opcache_file" # only used at build time
# PHP-FPM configuration
export PHP_FPM_SBIN_DIR="${PHP_BASE_DIR}/sbin"
export PHP_FPM_LOGS_DIR="${PHP_BASE_DIR}/logs"
export PHP_FPM_LOG_FILE="${PHP_FPM_LOGS_DIR}/php-fpm.log"
export PHP_FPM_CONF_FILE="${PHP_CONF_DIR}/php-fpm.conf"
export PHP_FPM_PID_FILE="${PHP_TMP_DIR}/php-fpm.pid"
export PHP_FPM_DEFAULT_LISTEN_ADDRESS="${PHP_TMP_DIR}/www.sock" # only used at build time
export PHP_FPM_LISTEN_ADDRESS="${PHP_FPM_LISTEN_ADDRESS:-}"
export PATH="${PHP_FPM_SBIN_DIR}:${PHP_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}"
# System users (when running with a privileged user)
export PHP_FPM_DAEMON_USER="daemon"
export PHP_FPM_DAEMON_GROUP="daemon"
# PHP configuration
export PHP_DATE_TIMEZONE="${PHP_DATE_TIMEZONE:-}"
PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-"${PHP_OPCACHE_ENABLED:-}"}"
export PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-}"
export PHP_EXPOSE_PHP="0"
export PHP_MAX_EXECUTION_TIME="${PHP_MAX_EXECUTION_TIME:-}"
export PHP_MAX_INPUT_TIME="${PHP_MAX_INPUT_TIME:-}"
export PHP_MAX_INPUT_VARS="${PHP_MAX_INPUT_VARS:-}"
export PHP_MEMORY_LIMIT="${PHP_MEMORY_LIMIT:-}"
export PHP_POST_MAX_SIZE="${PHP_POST_MAX_SIZE:-}"
export PHP_UPLOAD_MAX_FILESIZE="${PHP_UPLOAD_MAX_FILESIZE:-}"
# Custom environment variables may be defined below

39
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/postunpack.sh Executable file
View File

@@ -0,0 +1,39 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libfs.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
# PHP OPcache optimizations
php_conf_set "opcache.interned_strings_buffer" "$PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER"
php_conf_set "opcache.memory_consumption" "$PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION"
php_conf_set "opcache.file_cache" "$PHP_DEFAULT_OPCACHE_FILE_CACHE"
# PHP-FPM configuration
php_conf_set "listen" "$PHP_FPM_DEFAULT_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf"
# TMP dir configuration
php_conf_set "upload_tmp_dir" "${PHP_BASE_DIR}/tmp"
php_conf_set "session.save_path" "${PHP_TMP_DIR}/session"
# Ensure directories used by PHP-FPM exist and have proper ownership and permissions
for dir in "$PHP_CONF_DIR" "${PHP_BASE_DIR}/tmp" "$PHP_TMP_DIR" "$PHP_FPM_LOGS_DIR" "${PHP_TMP_DIR}/session"; do
ensure_dir_exists "$dir"
chmod -R g+rwX "$dir"
done
info "Disabling PHP-FPM daemon user/group configuration"
mv "${PHP_CONF_DIR}/common.conf" "${PHP_CONF_DIR}/common.conf.disabled"
touch "${PHP_CONF_DIR}/common.conf"
ln -sf "/dev/stdout" "$PHP_FPM_LOG_FILE"

35
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/reload.sh Executable file
View File

@@ -0,0 +1,35 @@
#!/bin/bash
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purpose
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libwebserver.sh
# Load PHP-FPM environment
. /opt/bitnami/scripts/php-env.sh
# Load web server environment and functions
. "/opt/bitnami/scripts/$(web_server_type)-env.sh"
error_code=0
if is_php_fpm_enabled; then
if is_php_fpm_not_running; then
error "php-fpm is not running"
error_code=1
else
info "** Reloading PHP-FPM configuration **"
php_fpm_reload
fi
else
web_server_reload
fi
exit "$error_code"

17
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/restart.sh Executable file
View File

@@ -0,0 +1,17 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
/opt/bitnami/scripts/php/stop.sh
/opt/bitnami/scripts/php/start.sh

19
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/run.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
info "** Starting PHP-FPM **"
declare -a args=("--pid" "$PHP_FPM_PID_FILE" "--fpm-config" "$PHP_FPM_CONF_FILE" "-c" "$PHP_CONF_DIR" "-F")
exec "${PHP_FPM_SBIN_DIR}/php-fpm" "${args[@]}"

32
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/setup.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/libos.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
# Ensure PHP-FPM daemon user exists and required folder belongs to this user when running as 'root'
if am_i_root; then
ensure_user_exists "$PHP_FPM_DAEMON_USER" --group "$PHP_FPM_DAEMON_GROUP"
ensure_dir_exists "$PHP_TMP_DIR"
chown -R "${PHP_FPM_DAEMON_USER}:${PHP_FPM_DAEMON_GROUP}" "$PHP_TMP_DIR"
# Enable daemon configuration
if [[ ! -f "${PHP_CONF_DIR}/common.conf" ]]; then
cp "${PHP_CONF_DIR}/common.conf.disabled" "${PHP_CONF_DIR}/common.conf"
fi
fi
php_initialize
# Fix logging issue when running as root
! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"

32
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/start.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
error_code=0
if is_php_fpm_not_running; then
nohup /opt/bitnami/scripts/php/run.sh >/dev/null 2>&1 &
if ! retry_while "is_php_fpm_running"; then
error "php-fpm did not start"
error_code=1
else
info "php-fpm started"
fi
else
info "php-fpm is already running"
fi
exit "$error_code"

21
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/status.sh Executable file
View File

@@ -0,0 +1,21 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
if is_php_fpm_running; then
info "php-fpm is already running"
else
info "php-fpm is not running"
fi

32
bitnami/drupal-nginx/9/debian-10/rootfs/opt/bitnami/scripts/php/stop.sh Executable file
View File

@@ -0,0 +1,32 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries
. /opt/bitnami/scripts/libphp.sh
. /opt/bitnami/scripts/libos.sh
. /opt/bitnami/scripts/liblog.sh
# Load PHP-FPM environment variables
. /opt/bitnami/scripts/php-env.sh
error_code=0
if is_php_fpm_running; then
BITNAMI_QUIET=1 php_fpm_stop
if ! retry_while "is_php_fpm_not_running"; then
error "php-fpm could not be stopped"
error_code=1
else
info "php-fpm stopped"
fi
else
info "php-fpm is not running"
fi
exit "$error_code"

31
bitnami/drupal-nginx/9/debian-10/rootfs/post-init.d/php.sh Executable file
View File

@@ -0,0 +1,31 @@
#!/bin/bash
#
# Executes custom PHP init scripts
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".php" ]] && continue
info "Executing ${custom_init_script} with PHP interpreter"
php "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

36
bitnami/drupal-nginx/9/debian-10/rootfs/post-init.d/shell.sh Executable file
View File

@@ -0,0 +1,36 @@
#!/bin/bash
#
# Executes custom Bash init scripts
# shellcheck disable=SC1090,SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ "$custom_init_script" != *".sh" ]] && continue
if [[ -x "$custom_init_script" ]]; then
info "Executing ${custom_init_script}"
"$custom_init_script" || failure="1"
else
info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail"
. "$custom_init_script"
fi
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

46
bitnami/drupal-nginx/9/debian-10/rootfs/post-init.d/sql-mysql.sh Executable file
View File

@@ -0,0 +1,46 @@
#!/bin/bash
#
# Executes custom MySQL (.sql or .sql.gz) init scripts
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Load libraries with logging functions
if [[ -f /opt/bitnami/base/functions ]]; then
. /opt/bitnami/base/functions
else
. /opt/bitnami/scripts/liblog.sh
fi
mysql_execute() {
local -r sql_file="${1:?missing file}"
local failure=0
mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER")
if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then
mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}")
fi
if [[ "$sql_file" == *".sql" ]]; then
"${mysql_cmd[@]}" < "$sql_file" || failure=$?
elif [[ "$sql_file" == *".sql.gz" ]]; then
gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$?
fi
return "$failure"
}
# Loop through all input files passed via stdin
read -r -a custom_init_scripts <<< "$@"
failure=0
if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then
for custom_init_script in "${custom_init_scripts[@]}"; do
[[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue
info "Executing ${custom_init_script}"
mysql_execute "$custom_init_script" || failure=1
[[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}"
done
fi
exit "$failure"

23
bitnami/drupal-nginx/9/debian-10/rootfs/post-init.sh Executable file
View File

@@ -0,0 +1,23 @@
#!/bin/bash
# shellcheck disable=SC1091
set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes
# Only execute init scripts once
if [[ ! -f "/bitnami/drupal-nginx/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then
read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)"
if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/drupal-nginx/.user_scripts_initialized" ]]; then
mkdir -p "/bitnami/drupal-nginx"
for init_script in "${init_scripts[@]}"; do
for init_script_type_handler in /post-init.d/*.sh; do
"$init_script_type_handler" "$init_script"
done
done
fi
touch "/bitnami/drupal-nginx/.user_scripts_initialized"
fi

17
bitnami/drupal-nginx/CODE_OF_CONDUCT.md Normal file
View File

@@ -0,0 +1,17 @@
# Contributor Code of Conduct
As contributors and maintainers of this project, we pledge to respect everyone who contributes by posting issues, updating documentation, submitting pull requests, providing feedback in comments, and any other activities.
Communication through any of Bitnami's channels (GitHub, mailing lists, Twitter, and so on) must be constructive and never resort to personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
We promise to extend courtesy and respect to everyone involved in this project, regardless of gender, gender identity, sexual orientation, disability, age, race, ethnicity, religion, or level of experience. We expect anyone contributing to this project to do the same.
If any member of the community violates this code of conduct, the maintainers of this project may take action, including removing issues, comments, and PRs or blocking accounts, as deemed appropriate.
If you are subjected to or witness unacceptable behavior, or have any other concerns, please communicate with us.
If you have suggestions to improve this Code of Conduct, please submit an issue or PR.
**Attribution**
This Code of Conduct is adapted from the Angular project available at this page: https://github.com/angular/code-of-conduct/blob/master/CODE_OF_CONDUCT.md

52
bitnami/drupal-nginx/CONTRIBUTING.md Normal file
View File

@@ -0,0 +1,52 @@
# Contributing Guidelines
Contributions are welcome via GitHub Pull Requests. This document outlines the process to help get your contribution accepted.
Any type of contribution is welcome: new features, bug fixes, documentation improvements, etc.
## How to Contribute
1. Fork this repository, develop, and test your changes.
2. Submit a pull request.
### Requirements
When submitting a PR make sure that:
- It must pass CI jobs for linting and test the changes (if any).
- It must follow [container best practices](https://engineering.bitnami.com/articles/best-practices-writing-a-dockerfile.html).
- The title of the PR is clear enough.
- If necessary, add information to the repository's `README.md`.
#### Sign Your Work
The sign-off is a simple line at the end of the explanation for a commit. All commits needs to be signed. Your signature certifies that you wrote the patch or otherwise have the right to contribute the material. The rules are pretty simple, you only need to certify the guidelines from [developercertificate.org](https://developercertificate.org/).
Then you just add a line to every git commit message:
Signed-off-by: Joe Smith <joe.smith@example.com>
Use your real name (sorry, no pseudonyms or anonymous contributions.)
If you set your `user.name` and `user.email` git configs, you can sign your commit automatically with `git commit -s`.
Note: If your git config information is set properly then viewing the `git log` information for your commit will look something like this:
```
Author: Joe Smith <joe.smith@example.com>
Date: Thu Feb 2 11:41:15 2018 -0800
Update README
Signed-off-by: Joe Smith <joe.smith@example.com>
```
Notice the `Author` and `Signed-off-by` lines match. If they don't your PR will be rejected by the automated DCO check.
### PR Approval and Release Process
1. Changes are manually reviewed by Bitnami team members usually within a business day.
2. Once the changes are accepted, the PR is tested (if needed) into the Bitnami CI pipeline, the container is deployed and tested (verification and functional tests) using docker-compose and Helm (if there is an associated Helm Chart).
3. The PR is merged by the reviewer(s) in the GitHub `master` branch.
4. Then our CI/CD system is going to push the container image to the different registries including the recently merged changes.
***NOTE***: Please note that, in terms of time, may be a slight difference between the appearance of the code in GitHub and the image with the changes in the different registries.

13
bitnami/drupal-nginx/LICENSE.md Normal file
View File

@@ -0,0 +1,13 @@
Copyright &copy; 2022 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

533
bitnami/drupal-nginx/README.md Normal file
View File

@@ -0,0 +1,533 @@
# Drupal with NGINX packaged by Bitnami
## What is Drupal with NGINX?
> Drupal with NGINX enhances the popular open source CMS with the performance and security of NGINX. Drupal's modular architecture lets you create many different types of websites and applications.
[Overview of Drupal with NGINX](http://drupal.org)
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
## TL;DR
```console
$ curl -sSL https://raw.githubusercontent.com/bitnami/bitnami-docker-drupal-nginx/master/docker-compose.yml > docker-compose.yml
$ docker-compose up -d
```
**Warning**: This quick setup is only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the [Environment Variables](#environment-variables) section for a more secure deployment.
### Why use Bitnami Images?
* Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems.
* With Bitnami images the latest bug fixes and features are available as soon as possible.
* Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs.
* All our images are based on [minideb](https://github.com/bitnami/minideb) a minimalist Debian based container image which gives you a small base container image and the familiarity of a leading Linux distribution.
* All Bitnami images available in Docker Hub are signed with [Docker Content Trust (DCT)](https://docs.docker.com/engine/security/trust/content_trust/). You can use `DOCKER_CONTENT_TRUST=1` to verify the integrity of the images.
* Bitnami container images are released daily with the latest distribution packages available.
> This [CVE scan report](https://quay.io/repository/bitnami/drupal-nginx?tab=tags) contains a security report with all open CVEs. To get the list of actionable security issues, find the "latest" tag, click the vulnerability report link under the corresponding "Security scan" field and then select the "Only show fixable" filter on the next page.
### Why use a non-root container?
Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers [in our docs](https://docs.bitnami.com/tutorials/work-with-non-root-containers/).
### Supported tags and respective `Dockerfile` links
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).
* [`9`, `9-debian-10`, `9.3.9`, `9.3.9-debian-10-r16`, `latest` (9/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-drupal-nginx/blob/9.3.9-debian-10-r16/9/debian-10/Dockerfile)
Subscribe to project updates by watching the [bitnami/drupal-nginx GitHub repo](https://github.com/bitnami/bitnami-docker-drupal-nginx).
### Get this image
The recommended way to get the Bitnami Drupal Docker Image is to pull the prebuilt image from the [Docker Hub Registry](https://hub.docker.com/r/bitnami/drupal-nginx).
```console
$ docker pull bitnami/drupal-nginx:latest
```
To use a specific version, you can pull a versioned tag. You can view the [list of available versions](https://hub.docker.com/r/bitnami/drupal-nginx/tags/) in the Docker Hub Registry.
```console
$ docker pull bitnami/drupal-nginx:[TAG]
```
If you wish, you can also build the image yourself.
```console
$ docker build -t bitnami/drupal-nginx:latest 'https://github.com/bitnami/bitnami-docker-drupal-nginx.git#master:9/debian-10'
```
## How to use this image
### Run Drupal with a Database Container
Running Drupal with a database server is the recommended way. You can either use docker-compose or run the containers manually.
#### Run the application using Docker Compose
The main folder of this repository contains a functional [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-drupal-nginx/blob/master/docker-compose.yml) file. Run the application using it as shown below:
```console
$ curl -sSL https://raw.githubusercontent.com/bitnami/bitnami-docker-drupal-nginx/master/docker-compose.yml > docker-compose.yml
$ docker-compose up -d
```
#### Run the application manually
If you want to run the application manually instead of using docker-compose, these are the basic steps you need to run:
##### 1. Create a new network for the application and the database:
```console
$ docker network create drupal-network
```
##### 2. Create a volume for MariaDB persistence and create a MariaDB container
```console
$ docker volume create --name mariadb_data
$ docker run -d --name mariadb \
-e ALLOW_EMPTY_PASSWORD=yes \
-e MARIADB_USER=bn_drupal \
-e MARIADB_DATABASE=bitnami_drupal \
--net drupal-network \
--volume mariadb_data:/bitnami/mariadb \
bitnami/mariadb:latest
```
##### 3. Create volumes for Drupal persistence and launch the container
```console
$ docker volume create --name drupal_data
$ docker run -d --name drupal -p 8080:8080 -p 8443:8443 \
-e ALLOW_EMPTY_PASSWORD=yes \
-e DRUPAL_DATABASE_USER=bn_drupal \
-e DRUPAL_DATABASE_NAME=bitnami_drupal \
--net drupal-network \
--volume drupal_data:/bitnami/drupal
bitnami/drupal-nginx:latest
```
Access your application at `http://your-ip:8080/`
### Persisting your application
If you remove the container all your data will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.
For persistence you should mount a directory at the `/bitnami/drupal` path. If the mounted directory is empty, it will be initialized on the first run. Additionally you should mount a volume for persistence of the MariaDB data](https://github.com/bitnami/bitnami-docker-mariadb#persisting-your-database).
The above examples define the Docker volumes named mariadb_data and drupal_data. The Drupal application state will persist as long as volumes are not removed.
To avoid inadvertent removal of volumes, you can mount host directories as data volumes. Alternatively you can make use of volume plugins to host the volume data.
#### Mount host directories as data volumes with Docker Compose
This requires a minor change to the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-drupal-nginx/blob/master/docker-compose.yml) file present in this repository:
```diff
mariadb:
...
volumes:
- - 'mariadb_data:/bitnami/mariadb'
+ - /path/to/mariadb-persistence:/bitnami/mariadb
...
drupal:
...
volumes:
- - 'drupal_data:/bitnami/drupal'
+ - /path/to/drupal-persistence:/bitnami/drupal
...
-volumes:
- mariadb_data:
- driver: local
- drupal_data:
- driver: local
```
> NOTE: As this is a non-root container, the mounted files and directories must have the proper permissions for the UID `1001`.
#### Mount host directories as data volumes using the Docker command line
##### Step 1: Create a network (if it does not exist)
```console
$ docker network create drupal-network
```
##### 2. Create a MariaDB container with host volume:
```console
$ docker run -d --name mariadb \
-e ALLOW_EMPTY_PASSWORD=yes \
-e MARIADB_USER=bn_drupal \
-e MARIADB_PASSWORD=bitnami \
-e MARIADB_DATABASE=bitnami_drupal \
--net drupal-network \
--volume /path/to/mariadb-persistence:/bitnami \
bitnami/mariadb:latest
```
##### Step 3. Create the Drupal container with host volumes
```console
$ docker run -d --name drupal \
-p 8080:8080 -p 8443:8443 \
--env ALLOW_EMPTY_PASSWORD=yes \
--env DRUPAL_DATABASE_USER=bn_drupal \
--env DRUPAL_DATABASE_PASSWORD=bitnami \
--env DRUPAL_DATABASE_NAME=bitnami_drupal \
--network drupal-network \
--volume /path/to/drupal-persistence:/bitnami/drupal \
bitnami/drupal-nginx:latest
```
### Configuration
#### Environment variables
When you start the Drupal image, you can adjust the configuration of the instance by passing one or more environment variables either on the docker-compose file or on the `docker run` command line. If you want to add a new environment variable:
* For docker-compose add the variable name and value under the application section in the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-drupal-nginx/blob/master/docker-compose.yml) file present in this repository:
```yaml
drupal:
...
environment:
- DRUPAL_PASSWORD=my_password
...
```
* For manual execution add a `--env` option with each variable and value:
```console
$ docker run -d --name drupal -p 80:8080 -p 443:8443 \
--env DRUPAL_PASSWORD=my_password \
--network drupal-tier \
--volume /path/to/drupal-persistence:/bitnami \
bitnami/drupal-nginx:latest
```
Available environment variables:
###### User and Site configuration
- `DRUPAL_PROFILE`: Drupal installation profile. Default: **standard**
- `DRUPAL_SITE_NAME`: Drupal blog name. Default: **My blog**
- `DRUPAL_SKIP_BOOTSTRAP`: Whether to skip performing the initial bootstrapping for the application. Default: **no**
- `DRUPAL_ENABLE_MODULES`: Comma or space separated list of installed modules to enable during the first initialization. No defaults.
- `DRUPAL_USERNAME`: Drupal application username. Default: **user**
- `DRUPAL_PASSWORD`: Drupal application password. Default: **bitnami**
- `DRUPAL_EMAIL`: Drupal application email. Default: **user@example.com**
- `DRUPAL_CONFIG_SYNC_DIR`: Drupal sync configuration directory location. Only used when `DRUPAL_SKIP_BOOTSTRAP` is enabled. No defaults.
- `DRUPAL_HASH_SALT`: Drupal string used to generate random values. Only used when `DRUPAL_SKIP_BOOTSTRAP` is enabled. No defaults.
###### Use an existing database
- `DRUPAL_DATABASE_HOST`: Hostname for MariaDB server. Default: **mariadb**
- `DRUPAL_DATABASE_PORT_NUMBER`: Port used by MariaDB server. Default: **3306**
- `DRUPAL_DATABASE_NAME`: Database name that Drupal will use to connect with the database. Default: **bitnami_drupal**
- `DRUPAL_DATABASE_USER`: Database user that Drupal will use to connect with the database. Default: **bn_drupal**
- `DRUPAL_DATABASE_PASSWORD`: Database password that Drupal will use to connect with the database. No defaults.
- `DRUPAL_DATABASE_TLS_CA_FILE`: TLS CA certificate for connections. No defaults.
- `ALLOW_EMPTY_PASSWORD`: It can be used to allow blank passwords. Default: **no**
###### Create a database for Drupal using mysql-client
- `MYSQL_CLIENT_FLAVOR`: SQL database flavor. Valid values: `mariadb` or `mysql`. Default: **mariadb**.
- `MYSQL_CLIENT_DATABASE_HOST`: Hostname for MariaDB server. Default: **mariadb**
- `MYSQL_CLIENT_DATABASE_PORT_NUMBER`: Port used by MariaDB server. Default: **3306**
- `MYSQL_CLIENT_DATABASE_ROOT_USER`: Database admin user. Default: **root**
- `MYSQL_CLIENT_DATABASE_ROOT_PASSWORD`: Database password for the database admin user. No defaults.
- `MYSQL_CLIENT_CREATE_DATABASE_NAME`: New database to be created by the mysql client module. No defaults.
- `MYSQL_CLIENT_CREATE_DATABASE_USER`: New database user to be created by the mysql client module. No defaults.
- `MYSQL_CLIENT_CREATE_DATABASE_PASSWORD`: Database password for the `MYSQL_CLIENT_CREATE_DATABASE_USER` user. No defaults.
- `MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET`: Character set to use for the new database. No defaults.
- `MYSQL_CLIENT_CREATE_DATABASE_COLLATE`: Database collation to use for the new database. No defaults.
- `MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES`: Database privileges to grant for the user specified in `MYSQL_CLIENT_CREATE_DATABASE_USER` to the database specified in `MYSQL_CLIENT_CREATE_DATABASE_NAME`. No defaults.
- `MYSQL_CLIENT_ENABLE_SSL_WRAPPER`: Whether to force SSL connections to the database via the `mysql` CLI tool. Useful for applications that rely on the CLI instead of APIs. Default: **no**
- `MYSQL_CLIENT_ENABLE_SSL`: Whether to force SSL connections for the database. Default: **no**
- `MYSQL_CLIENT_SSL_CA_FILE`: Path to the SSL CA file for the new database. No defaults
- `MYSQL_CLIENT_SSL_CERT_FILE`: Path to the SSL CA file for the new database. No defaults
- `MYSQL_CLIENT_SSL_KEY_FILE`: Path to the SSL CA file for the new database. No defaults
- `ALLOW_EMPTY_PASSWORD`: It can be used to allow blank passwords. Default: **no**
###### SMTP Configuration
To configure Drupal to send email using SMTP you can set the following environment variables:
- `DRUPAL_SMTP_HOST`: SMTP host.
- `DRUPAL_SMTP_PORT`: SMTP port.
- `DRUPAL_SMTP_USER`: SMTP account user.
- `DRUPAL_SMTP_PASSWORD`: SMTP account password.
- `DRUPAL_SMTP_PROTOCOL`: SMTP protocol. (standard, tls, ssl).
###### PHP configuration
- `PHP_ENABLE_OPCACHE`: Enable OPcache for PHP scripts. No default.
- `PHP_EXPOSE_PHP`: Enables HTTP header with PHP version. No default.
- `PHP_MAX_EXECUTION_TIME`: Maximum execution time for PHP scripts. No default.
- `PHP_MAX_INPUT_TIME`: Maximum input time for PHP scripts. No default.
- `PHP_MAX_INPUT_VARS`: Maximum amount of input variables for PHP scripts. No default.
- `PHP_MEMORY_LIMIT`: Memory limit for PHP scripts. Default: **256M**
- `PHP_POST_MAX_SIZE`: Maximum size for PHP POST requests. No default.
- `PHP_UPLOAD_MAX_FILESIZE`: Maximum file size for PHP uploads. No default.
###### Example
This would be an example of SMTP configuration using a Gmail account:
* Modify the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-drupal-nginx/blob/master/docker-compose.yml) file present in this repository:
```yaml
drupal:
...
environment:
- DRUPAL_DATABASE_USER=bn_drupal
- DRUPAL_DATABASE_NAME=bitnami_drupal
- ALLOW_EMPTY_PASSWORD=yes
- DRUPAL_SMTP_HOST=smtp.gmail.com
- DRUPAL_SMTP_PORT=587
- DRUPAL_SMTP_USER=your_email@gmail.com
- DRUPAL_SMTP_PASSWORD=your_password
- DRUPAL_SMTP_PROTOCOL=tls
...
```
* For manual execution:
```console
$ docker run -d --name drupal -p 80:8080 -p 443:8443 \
--env DRUPAL_DATABASE_USER=bn_drupal \
--env DRUPAL_DATABASE_NAME=bitnami_drupal \
--env DRUPAL_SMTP_HOST=smtp.gmail.com \
--env DRUPAL_SMTP_PORT=587 \
--env DRUPAL_SMTP_USER=your_email@gmail.com \
--env DRUPAL_SMTP_PASSWORD=your_password \
--env DRUPAL_SMTP_PROTOCOL=tls \
--network drupal-tier \
--volume /path/to/drupal-persistence:/bitnami \
bitnami/drupal-nginx:latest
```
### Logging
The Bitnami Drupal Docker image sends the container logs to `stdout`. To view the logs:
```console
$ docker logs drupal
```
Or using Docker Compose:
```console
$ docker-compose logs drupal
```
You can configure the containers [logging driver](https://docs.docker.com/engine/admin/logging/overview/) using the `--log-driver` option if you wish to consume the container logs differently. In the default configuration docker uses the `json-file` driver.
### Maintenance
#### Backing up your container
To backup your data, configuration and logs, follow these simple steps:
##### Step 1: Stop the currently running container
```console
$ docker stop drupal
```
Or using Docker Compose:
```console
$ docker-compose stop drupal
```
##### Step 2: Run the backup command
We need to mount two volumes in a container we will use to create the backup: a directory on your host to store the backup in, and the volumes from the container we just stopped so we can access the data.
```console
$ docker run --rm -v /path/to/drupal-backups:/backups --volumes-from drupal busybox \
cp -a /bitnami/drupal /backups/latest
```
#### Restoring a backup
Restoring a backup is as simple as mounting the backup as volumes in the containers.
For the MariaDB database container:
```diff
$ docker run -d --name mariadb \
...
- --volume /path/to/mariadb-persistence:/bitnami/mariadb \
+ --volume /path/to/mariadb-backups/latest:/bitnami/mariadb \
bitnami/mariadb:latest
```
For the Drupal container:
```diff
$ docker run -d --name drupal \
...
- --volume /path/to/drupal-persistence:/bitnami/drupal \
+ --volume /path/to/drupal-backups/latest:/bitnami/drupal \
bitnami/drupal-nginx:latest
```
#### Upgrade this image
Bitnami provides up-to-date versions of MariaDB and Drupal, including security patches, soon after they are made upstream. We recommend that you follow these steps to upgrade your container. We will cover here the upgrade of the Drupal container. For the MariaDB upgrade see: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#upgrade-this-image
##### Step 1: Get the updated image
```console
$ docker pull bitnami/drupal-nginx:latest
```
##### Step 2: Stop the running container
Stop the currently running container using the command
```console
$ docker-compose stop drupal
```
##### Step 3: Take a snapshot of the application state
Follow the steps in [Backing up your container](#backing-up-your-container) to take a snapshot of the current application state.
##### Step 4: Remove the currently running container
Remove the currently running container by executing the following command:
```console
docker-compose rm -v drupal
```
##### Step 5: Run the new image
Update the image tag in `docker-compose.yml` and re-create your container with the new image:
```console
$ docker-compose up -d
```
## Customize this image
The Bitnami Drupal with NGINX Docker image is designed to be extended so it can be used as the base image for your custom web applications.
### Extend this image
Before extending this image, please note there are certain configuration settings you can modify using the original image:
- Settings that can be adapted using environment variables. For instance, you can change the ports used by NGINX for HTTP and HTTPS, by setting the environment variables `NGINX_HTTP_PORT_NUMBER` and `NGINX_HTTPS_PORT_NUMBER` respectively.
- [Adding custom server blocks](https://github.com/bitnami/bitnami-docker-nginx#adding-custom-server-blocks).
- [Replacing the 'nginx.conf' file](https://github.com/bitnami/bitnami-docker-nginx#full-configuration).
- [Using custom SSL certificates](https://github.com/bitnami/bitnami-docker-nginx#using-custom-ssl-certificates).
- [Solving redirection issues](https://github.com/bitnami/bitnami-docker-nginx#solving-redirection-issues).
If your desired customizations cannot be covered using the methods mentioned above, extend the image. To do so, create your own image using a Dockerfile with the format below:
```Dockerfile
FROM bitnami/drupal-nginx
### Put your customizations below
...
```
Here is an example of extending the image with the following modifications:
- Install the `vim` editor
- Modify the NGINX configuration file
- Modify the ports used by NGINX
```Dockerfile
FROM bitnami/drupal-nginx
LABEL maintainer "Bitnami <containers@bitnami.com>"
### Install 'vim'
RUN install_packages vim
### Update ssl_session_timeout
RUN sed -i -r -E 's/ssl_session_timeout\s+5m;/ssl_session_timeout 5m;/' /opt/bitnami/nginx/conf/nginx.conf
### Modify the ports used by NGINX by default
## It is also possible to change these environment variables at runtime
ENV NGINX_HTTP_PORT_NUMBER=8181
ENV NGINX_HTTPS_PORT_NUMBER=8143
EXPOSE 8181 8143
```
Based on the extended image, you can update the [`docker-compose.yml`](https://github.com/bitnami/bitnami-docker-drupal-nginx/blob/master/docker-compose.yml) file present in this repository to add other features:
```diff
drupal:
- image: bitnami/drupal-nginx:latest
+ build: .
ports:
- - '80:8080'
- - '443:8443'
+ - '80:8181'
+ - '443:8143'
environment:
+ - PHP_MEMORY_LIMIT=512m
...
```
## Notable Changes
### 8.9.2-debian-10-r3 and 9.0.2-debian-10-r3
- The size of the container image has been decreased.
- The configuration logic is now based on Bash scripts in the *rootfs/* folder.
- The Drupal container image has been migrated to a "non-root" user approach. Previously the container ran as the `root` user and the NGINX daemon was started as the `daemon` user. From now on, both the container and the NGINX daemon run as user `1001`. You can revert this behavior by changing `USER 1001` to `USER root` in the Dockerfile, or `user: root` in `docker-compose.yml`. Consequences:
- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`.
- Backwards compatibility is not guaranteed when data is persisted using docker or docker-compose. We highly recommend migrating the Drupal site by exporting its content, and importing it on a new Drupal container. Follow the steps in [Backing up your container](#backing-up-your-container) and [Restoring a backup](#restoring-a-backup) to migrate the data between the old and new container.
### 8.7.2-debian-9-r9 and 8.7.2-ol-7-r8
- This image has been adapted so it's easier to customize. See the [Customize this image](#customize-this-image) section for more information.
- The PHP configuration volume (`/bitnami/php`) has been deprecated, and support for this feature will be dropped in the near future. Until then, the container will enable the PHP configuration from that volume if it exists. By default, and if the configuration volume does not exist, the configuration files will be regenerated each time the container is created. Users wanting to apply custom PHP configuration files are advised to mount a volume for the configuration at `/opt/bitnami/php/conf`, or mount specific configuration files individually.
- Enabling custom NGINX certificates by placing them at `/opt/bitnami/nginx/certs` has been deprecated, and support for this functionality will be dropped in the near future. Users wanting to enable custom certificates are advised to mount their certificate files on top of the preconfigured ones at `/certs`.
## Contributing
We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/bitnami-docker-drupal-nginx/issues), or submit a [pull request](https://github.com/bitnami/bitnami-docker-drupal-nginx/pulls) with your contribution.
## Issues
If you encountered a problem running this container, you can file an [issue](https://github.com/bitnami/bitnami-docker-drupal-nginx/issues/new). Be sure to include the following information in your issue:
- Host OS and version
- Docker version (`docker version`)
- Output of `docker info`
- Version of this container
- The command you used to run the container, and any relevant output you saw (masking any sensitive information)
### Community supported solution
Please, note this asset is a community-supported solution. This means that the Bitnami team is not actively working on new features/improvements nor providing support through GitHub Issues. Any new issue will stay open for 20 days to allow the community to contribute, after 15 days without activity the issue will be marked as stale being closed after 5 days.
The Bitnami team will review any PR that is created, feel free to create a PR if you find any issue or want to implement a new feature.
New versions and releases cadence are not going to be affected. Once a new version is released in the upstream project, the Bitnami container image will be updated to use the latest version, supporting the different branches supported by the upstream project as usual.
## License
Copyright &copy; 2022 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

32
bitnami/drupal-nginx/docker-compose.yml Normal file
View File

@@ -0,0 +1,32 @@
version: '2'
services:
mariadb:
image: docker.io/bitnami/mariadb:10.6
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- MARIADB_USER=bn_drupal
- MARIADB_DATABASE=bitnami_drupal
volumes:
- 'mariadb_data:/bitnami/mariadb'
drupal:
image: docker.io/bitnami/drupal-nginx:9
ports:
- '80:8080'
- '443:8443'
environment:
- DRUPAL_DATABASE_HOST=mariadb
- DRUPAL_DATABASE_PORT_NUMBER=3306
- DRUPAL_DATABASE_USER=bn_drupal
- DRUPAL_DATABASE_NAME=bitnami_drupal
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
volumes:
- 'drupal_data:/bitnami/drupal'
depends_on:
- mariadb
volumes:
mariadb_data:
driver: local
drupal_data:
driver: local